Previous      Contents      Next
Sun Java System Identity Pack 2005Q4M3 Installation

1

Before You Install

Use the information and procedures in the following sections to prepare for installation of Identity Install Pack:

Supported Software and Environments
Recommended Configurations
Prerequisite Tasks

---

Supported Software and Environments

This section lists software and environments that are compatible with the software:

Operating Systems
Application Servers
Browsers
Database Servers
Java Runtime Environment
Sun Identity Manager Gateway
Supported Resources
Web Servers

---

Note  Because software product developers frequently ship new versions, updates, and fixes to their software, the information published here changes often. Review the release notes for updates before proceeding with installation.

---

Operating Systems

AIX 4.3.3, 5.2, 5L v5.3
HP-UX 11i v1, 11i v2
Microsoft Windows 2000 SP3 or above
Microsoft Windows 2003
Solaris 8, 9, 10 Sparc and x86d
Red Hat Linux Advanced Server 2.1
Red Hat Linux Enterprise Server 3.0, 4.0
Novell SuSE Linux Enterprise Server 9 SP1

Application Servers

The application server you use with these applications must be Servlet 2.2-compliant and installed with the included Java platform (unless noted as follows):

Apache Tomcat
Version 4.1.x (with JDK 1.4.2)
Version 5.0.x (with JDK 1.4.2)
BEA WebLogic® Express 8.1 (with JDK 1.4.2)
BEA WebLogic® Server™ 8.1 (with JDK 1.4.2)
IBM WebSphere® 6.0
IBM WebSphere® Application Server - Express Version 5.1.1 (with JDK 1.4.2)
Sun™ ONE Application Server 7
Sun Java™ System Application Server Platform Edition 8
Sun Java™ System Application Server Platform Edition and Enterprise Edition 8.1

---

Note  If your current application server does not support JDK 1.4.2, please check with your vendor to examine the implications of upgrading to one that does before installing Identity Installation Pack 2005Q4M3.

---

Browsers

Microsoft Internet Explorer 5.x and later
Safari 2.0 and later for Mac OS X 10.3.3 and later
Mozilla 1.78 with JRE 1.5
Firefox 1.04,1.05,1.06 with JRE 1.5

Database Servers and Directories

IBM® DB2® Universal Database for Linux, UNIX®, and Windows®
7.x, 8.1, 8.2
Microsoft SQL Server™ 2000
MySQL™ 4.1
Oracle 9 ® and Oracle 10g ®
Oracle Database 10g Release 1®
Oracle E-Business Suite (Financials) 11.5.10®

---

Note  You must configure your database with a character set that will support the characters that you want to store. If you need to store multi-byte characters, you should use a character set (such as UTF-8) that supports Unicode.

---

See for DBMS Recovery and the Repository DBMS recovery information.

Sun Identity Manager Gateway

See Chapter 11, Install the Sun Identity Manager Gateway, for further information on the Sun Identity Manager Gateway.

Supported Resources

Databases   IBM® DB2® Universal Database for Linux, UNIX®, and Windows® (7.x, 8.1, 8.2)   Microsoft® Identity Integration Server (MIIS) 2003   Microsoft SQL Server 2000   MySQL™ 4.0.x   Oracle9i®   Oracle Database 10g Release 1®   Sybase Adaptive Server® 12.x Directories   Sun™ Java System Directory Server 5 2004Q2, 2005Q1(1)   LDAP v3(2)   Microsoft® Active Directory® 2000, 2003   Novell® eDirectory on Novell NetWare 5.1, 6.0   Open LDAP ERP Systems   Oracle Financials on Oracle Applications 11.5.9, 11.5.10   Peoplesoft (Read Only) with: People Tools 8.1.8 w/ PS HRMS 8.3 People Tools 8.4.2 w/ PS HRMS 8.8   SAP® R/3 4.5, 4.6, 4.7 and SAP HR 4.5, 4.6, 4.7 (read only)   SAP® Enterprise Portal v6.0 SP2, SP9, SP10   Siebel 6.2, 7.0.4 Help Desk   Remedy® Help Desk 4.5, 5.0	Message Platforms   Lotus Notes® 5.0, 6.5 (Domino)   Microsoft® Exchange 5.5   Microsoft® Exchange 2000, 2003(3)   Novell® GroupWise 5.x, 6 Operating Systems   Sun Solaris™ 8, 9, 10   HP-UX 11.0, 11i v1, 11i v2   IBM AIX® 4.3.3, 5.2, 5L v5.3   IBM OS/400® V4r3, V5r1   Microsoft Windows® NT® 4.0   Microsoft Windows® 2000, 2003   Red Hat Linux 8.0, 9.0   Red Hat Linux Advanced Server 2.1, 3.0, 4.0   HP OpenVMS 7.2 Security Managers   eTrust CA-ACF2® Security   Natural   IBM RACF®   ScriptedHostResourceAdapter   RSA® SecurID® 5.0, 6.0   RSA® SecurID® 5.1, 6.0 for UNIX   eTrust CA-Top Secret® Security 5.3 Web Access Control   Sun™ Java System Identity Server 6 2004Q2, Sun™ Java System Access Manager 6 2005Q1, 7 2005Q4   IBM Tivoli® Access Manager 4.x, 5.1   Netegrity® Siteminder® 5.5   RSA® ClearTrust® 5.0.1

---

Notes:

---

Sun Java System Directory Server 5 2005Q1 requires a patch to Directory Server retro changelog plugin for Active Sync.
While these applications are tested on Sun ONE Directory Server and Open LDAP, LDAP servers that are v3-compliant may work without any changes to the resource adapter.
Microsoft Exchange 2000 and 2003 are managed through the Microsoft Windows Active Directory 2000 and 2003 resources.

Web Servers

---

Note  Integration between an application server and Web server is not required. You may choose to use a Web server for better load balancing and for increased security (through the https protocol).

---

Apache 1.3.19
iPlanet 4.1
Microsoft Internet Information Server (IIS) 4.0, 5.0
Sun™ ONE Web Server 6

---

Note  When using Web Server 6 add the Java mail.jar and activiation.jar files to the WEB-INF/lib directory. The mail and activation jar files can be found at:

---

http://java.sun.com/products/javamail http://java.sun.com/products/beans/glasgow/jaf.html

---

Recommended Configurations

For optimum performance and support, use one of the following operating system/server configurations.

Recommended configuration lists are based on input from customer configurations, support, professional services, and pre-sales. Listed configurations are those in which the majority of test effort occurred during the release cycle.

Server Configurations

Microsoft Windows 2000 SP4, running one of:
WebLogic 7.2
WebLogic 8.1
WebSphere 5.0, 6.0
Sun ONE Application Server 7 or 8
Sun Solaris 9, running one of:
Sun ONE Application Server 7 or 8
WebLogic 7.2
IBM AIX 4.3.3, running WebSphere 5.0
IBM AIX 5.2, running WebSphere 5.1
IBM AIX 5L v5.3, running WebSphere 6.0

Database Configurations

Oracle 10g, running on one of:
Microsoft Windows 2000 SP4
Sun Solaris 8
Oracle 9i, running on one of:
Microsoft Windows 2000 SP4
Sun Solaris 9
AIX 4.3.3
IBM DB2 Universal Database 7.2 fixpack 7, running on one of:
Microsoft Windows 2000 SP4
AIX 4.3.3

Test Configuration

For development purposes, use Microsoft Windows 2000 SP4, running Apache Tomcat 4.1.29 with JDK 1.4.2 and connecting to MySQL 4.1.

---

Memory Requirements

You should determine your memory needs and set values in your application server's JVM. Do this by adding maximum and minimum heap size to the Java command line; for example:

java -Xmx512M -Xms512M

---

Notes

---

For best performance, set these values to the same size.
Depending on your specific implementation, you may need to increase these recommended values if you run reconciliation.

For performance tuning purposes you may also set the waveset property max.post.memory.size value.

---

Note  The max.post.memory.size specifies the maximum number of bytes that a posted file (for example., via an HTML FileSelect control) may contain without being spooled to the disk. For cases where you do not have permission to write to temp files, you should increase the max.post.memory.size to avoid having to spool to the disk. The default value is 8 Kbytes.

---

For additional system requirements and information, refer to the Identity Install Pack release notes.

---

Setup Task Flow

Depending on your choice of application server and database, the steps you will follow for setup differ. In general, you will:

Perform prerequisite tasks, such as installing a Java compiler and JVM, and setting up an index database
Install and configure an application server
Install and configure the Identity Install Pack software

---

Note  

---

Identity Manager and Identity Auditor share the same jar file and are always installed or updated simultaneously.

If you re-license the product you must import update.xml again. This will insure that you get all the objects for the products which are licensed to you.

When using application servers with staging directories, keep the staging directory that was used for Identity Install Pack installation after deploying the product.

Optionally set up the Sun Identity Manager Gateway
Optionally set up the PasswordSync

For some application server types and preferences, these general steps are combined, performed in a different order, or eliminated entirely.

---

Prerequisite Tasks

Before installing the Identity Install Pack software, you need to:

Decide Where to Store Index Repository Files
Set Up a Java Virtual Machine and Java Compiler
Set Up an Index Database
What's Next?

Decide Where to Store Index Repository Files

You must create the directory where you will store application files before launching the installation program. You can store application files in a staging folder, or you can install into your application server's Web application directory.

Using a Staging Directory

Because the applications are based on J2EE Web, you can store it in a staging folder. This staging folder is used to deploy the application into your specific application server. Typically, a Web Application Archive (.war) file is created for use in the deployment steps.

Using a Web Application Directory

You may choose to install directly into an application server's Web application directory. In this case, you will specify the Web application directory during installation. The installation program will place the Identity Install Pack files in folder named idm in that location by default.

---

Note  When using a localfiles index repository in a WebSphere application server environment, set the localfiles repository to a location outside of the Identity Manager directory.

---

Set Up a Java Virtual Machine and Java Compiler

The application requires a Java compiler and a Java Virtual Machine (JVM) to run the Java classes that perform actions within Identity Install Pack. Both of these can be found in a Java SDK. (The JRE packages do not include a Java compiler.)

---

Notes

---

Many application servers include a JDK bundled with their installation. The JDK version that is shipped with the application server is always preferred to any other JDK installed on your server.
You should add JAVA_HOME to your list of system environment variables and to your system path. To do this, add JAVA_HOME to your system environment and JAVA_HOME\bin to your path, making sure to list it before any other Java variables. While adding JAVA_HOME to your list of system environment variables is helpful for Identity Install Pack, it may affect other applications.

Set Up an Index Database

You should use a third-party relational database to store the system index data. If you plan to do this, use the general procedures in this section as guidelines when setting up the index database. Your database administrator may choose to customize the provided scripts to suit your site-specific configuration and standards.

---

WARNING    If you store the Index data in a local file system, you should select a location outside of the application or Web server directory structure. The dynamic directories created for the index data cannot be protected from intruders who might use a Web browser to scan directories serviced by the Web server.

---

---

Note  You must configure your database with a character set that will support the characters that you want to store. If you need to store multi-byte characters, you should use a character set (such as UTF-8) that supports Unicode.

---

About the Sample Database Scripts

Identity Install Pack provides sample database scripts that you can modify and use to create tables and indexes. You may choose to use an alternate method to create equivalent tables and indexes, but must meet these requirements:

Tables (or views) must exist with the names specified in the sample DDL.
Each named table (or view) must be owned by (or aliased to) the proxy user that is represented as “waveset” in the sample DDL.
Each named table (or view) must contain all of the columns specified for that table in the sample DDL.
Each named column must have a data type that is consistent with the data type specified for that column in the sample DDL.

You can modify the sample scripts to suit your environment. Common changes include:

Specifying a different proxy user
Specifying different tablespaces, or separate tablespaces for tables and indexes
Changing a data type. This is acceptable if a view or the JDBC driver makes the change transparent.
Adding columns. This is acceptable if each column is nullable or defaulted.
Removing or renaming columns. This is acceptable if a view makes this transparent.
Renaming indexes

---

Note  If you make changes to the sample scripts, then you must make equivalent changes to any sample database upgrade scripts that you receive in the future.

---

If you choose to set up Index data in regular files in a file system, skip to the chapter detailing Identity Install Pack installation. Otherwise, go to one of the sections in this chapter to set up:

MySQL
Oracle
IBM DB2 Universal Database for Linux, UNIX, or Windows
SQL Server

Setting Up MySQL

Follow these steps to set up MySQL for use with the application.

---

Notes

---

For additional information about setting up and configuring MySQL, refer to Configuring MySQL.
See Supported Software and Environments for supported database server versions, and for download or product locations.
Install the MySQL software. Start the MySQL process (if it does not start automatically).
Create the database. To do this:
Copy the create_waveset_tables.mysql script from the db_scripts directory on the installation CD (or from the idm\sample directory if you have already installed) to a temporary location.
Modify the create_waveset_tables.mysql script to change the database user password.
Create the new tables by using one of the following commands:

On Windows

c:\mysql\bin\mysql -u root < create_waveset_tables.mysql

On UNIX

$MYSQL/bin/mysql -u root < create_waveset_tables.mysql

Setting Up Oracle

Follow these steps to set up Oracle for use with the application.

---

Note  See Supported Software and Environments for supported database server versions, and for download or product locations.

---

  Install Oracle or confirm the connection to an Oracle database.
Connect to the Oracle instance as a user with privileges to create users and tables.
Create the database. To do this:
Copy the create_waveset_tables.oracle script from the db_scripts directory on the installation CD (or from the idm\sample directory if you have already installed) to a temporary location.
Modify the create_waveset_tables.oracle script:
Change the user password.
Change the path for DATAFILE to point to the location for your waveset.dbf data file.

---

Note  Your database administrator may want to modify the script to meet site-specific requirements for backup, replications, disk allocation, distribution, or other considerations.

---

Create the new tables by using the following command:

On Windows

sqlplus dbausername/dbapassword @create_waveset_tables.oracle

On UNIX

sqlplus dbausername/dbapassword @create_waveset_tables.oracle

Setting Up DB2

Before setting up DB2, you should decide how DB2 will provide JDBC access.

JDBC Access Considerations

DB2 offers two types of JDBC access, each of which requires a different URL format. The setup process allows you to select a preferred driver and automatically displays the corresponding URL template.

The application driver (COM.ibm.db2.jdbc.app.DB2Driver) requires local client software and a local database instance. Since DB2 runs on a separate (often dedicated) host in most production environments, the local database instance usually contains an alias to the remote database instance. In this configuration, the local database instance uses a DB2-specific protocol to communicate with the remote database instance.

The Type 2 network driver (COM.ibm.db2.jdbc.net.DB2Driver) does not require local client software or a local database. It does require that the DB2 Java Daemon (db2jd) be running on the target server. (In most production environments, the target server is a separate host, but the network driver works as well with a local database instance.) This daemon is not started by default, but the database administrator can start it manually or configure it to start automatically when the database instance starts.

The Type 4 network driver (COM.ibm.db2.jcc.DB2Driver) connects directly to the DB2 database.

DB2 Setup

Follow these steps to set up DB2.

---

Note  See Supported Software and Environments for supported database server versions, and for download or product locations.

---

Install DB2 or confirm the connection to a DB2 database.
Connect to the DB2 instance as a user with privileges to create users and tables.
Create the databasme. To do this:
Copy the create_waveset_tables.db2 script from the db_scripts directory on the installation CD (or from the idm\sample directory if you have already installed) to a temporary location.
Modify the create_waveset_tables.db2 script:
Change the user password.
Change the path for the CREATE_TABLESPACE command to a location appropriate for your environment.

---

Note  Your database administrator may want to modify the script to meet site-specific requirements for backup, replications, disk allocation, distribution, or other considerations.

---

Create the new tables by using the following command:

On Windows

db2 -tvf create_waveset_tables.db2

On UNIX

db2 -tvf create_waveset_tables.db2

Setting Up SQL Server

Follow these steps to set up SQL Server for.

---

Note  See Supported Software and Environments for supported database server versions, and for download or product locations.

---

Install Microsoft SQL Server or confirm the connection to a SQL Server installation.
Create the database. To do this:
Copy the create_waveset_tables.sqlserver script from the db_scripts directory on the installation CD (or from the idm\sample directory if you have already installed) to a temporary location.
Modify the create_waveset_tables.sqlserver script to change the login password.

---

Note  Your database administrator may want to modify the script to meet site-specific requirements for backup, replications, disk allocation, distribution, or other considerations.

---

Create the new tables by executing the create_waveset_tables.sqlserver script, located on the installation CD; for example:

osql -E -i PathToFile\create_waveset_tables.sqlserver

---

Note  You must have privileges to create databases and logins.

---

Download and install the Microsoft SQL Server 2000 Driver for JDBC. To do this:
Go to www.microsoft.com/downloads.
  In the Search for a Download area, enter “SQL Server JDBC” in the keywords field, and then click Go.
Locate, download, and install the correct version of the driver for your installation.

---

Note  During installation, you will pause to install this driver and the Microsoft .jar files (installed with the driver) before continuing setup. Refer to the installation procedures in the following chapters for instructions.

---

What's Next?

Skip to the procedures outlined in one of the following chapters to install and set up Identity Install Pack for your application server type:

Chapter 2, Installing Identity Install Pack for Tomcat 4.1.x
Chapter 3, Installing Identity Install Pack for Tomcat 5.0.x
Chapter 4, Installing Identity Install Pack for WebLogic
Chapter 5, Installing Identity Install Pack for WebSphere 4.x
Chapter 6, Installing Identity Install Pack for WebSphere 5.0
Chapter 7, Installing Identity Install Pack for iPlanet Application Server 6.5
Chapter 8, Installing Identity Install Pack for Sun ONE Application Server 7
Chapter 9, Chapter Installing Identity Install Pack for Sun Java System Application Server 8.

Previous      Contents      Next

---

Copyright 2006 Sun Microsystems, Inc. All rights reserved.