Oracle® Fusion Middleware Release Notes for Identity Synchronization for Windows 6.0 Service Pack 1 11g Release 1 (11.1.1.7.0) Part Number E28964-01 |
|
|
PDF · Mobi · ePub |
This chapter provides instructions for installing Identity Synchronization for Windows 6.0 Service Pack 1 in a greenfield environment, an environment where no instance of Identity Synchronization for Windows already exists. This chapter contains the following sections:
The LDAP directory used to store the Identity Synchronization for Windows configuration and synchronization data must be created and configured manually before you run the Identity Synchronization for Windows installer.
When creating this type of Directory Server instance, observe the following recommendations:
Do not use an existing 5.2x Directory Server o=NetscapeRoot
for the Identity Synchronization for Windows configuration data store. Create a new Directory Server that includes an instance of Identity Synchronization for Windows and is dedicated to Identity Synchronization for Windows configuration (o=NetscapeRoot
) and synchronization ( ou=isw_config
) data stores.
For example, create a new ou=isw_config
suffix, and then allow the Identity Synchronization for Windows administration console to create its own o=NetscapeRoot
suffix on the same server during installation. Be sure to create a Top Entry when you create the new ou=isw_config
suffix. When creating the ou=isw_config
suffix using DSCC, on the "Step5 : Choose Data Options" page, choose "Create Top Entry for the suffix. "
There should be no exisisting o=NetscapeRoot
suffix when installing the Identity Synchronization for Windows Java console.
Configure the configuration data store so that the o=NetscapeRoot
suffix that Identity Synchronization for Windows uses is not replicated with configuration changes from multiple management domains.
The Identity Synchronization for Windows configuration suffix should not reside in a replicated suffix. Use something like ou=isw_config
as a root suffix.
Avoid using anything other than o
or ou
notation for the Identity Synchronization for Windows configuration suffix. Using dc
suffix notation can cause install to fail.
The o=NetscapeRoot
suffix must not be a parent of the ou=isw_config
suffix.
Use a non-standard root level suffix so it is not a part of user LDAP space.
For detailed steps, see "Creating Directory Sources" in "Chapter 4, Configuring Core Resources" of the Oracle Identity Synchronization for Windows 6.0 Installation and Configuration Guide.
See Section 1.4, "Obtaining the Software as Part of Directory Server Enterprise Edition."
Review the following sections of this document:
After you unzip the distribution file, the directory should contain the following components:
HotFix-6.0SP1_COMBO_5_20110722
directory
The Identity Synchronization for Windows 6.0 Service Pack 1 patch
JDK 5.0_u29
Message Queue 4.3
Install the Network Security Services/Netscape Portable Runtime (NSS/NSPR) shared components.
You must install the NSS/NSPR packages and patch them to the appropriate level before you install Identity Synchronization for Windows.
On Solaris 10 you will install either the 119* or the 1253* patches, based on the version of the NSS and TLS packages already installed. For more information, see http://docs.oracle.com/cd/E19261-01/820-2761/upgrade-shared-comps/index.html
in the Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide .
On Solaris 9 systems, for each of the packages SUNWjss
, SUNWpr
, SUNWprd
, SUNWtls
, and SUNWtlsu
type the following command:
# pkgparam -v pkgname VERSION PATCHLIST
If pkgname is not installed, obtain it as follows:
# pkgadd -d pkglocation pkgname
If PATCHLIST
does not return the expected patch level, install the patch as follows:
# cd patchlocation # patchadd patch-id
Note:
To determine the appropriate pkglocation and patchlocation for your platform, see Table 1-3, "Minimum Patch Level Requirements" .
Install JDK 5.0_u29.
Install the packages available under the appropriate jdk
directory, for example, install-root/ODSEE_Identity_Synchronization_for_Windows/jdk
.
Use the pkgadd
command. For example:
# pkgadd -d . SUNWj5rt SUNWj5rtx SUNWj5man SUNWj5jmp SUNWj5dvx SUNWj5dmx SUNWj5dmo SUNWj5dev SUNWj5cfg
This will set the default JDK while keeping all other installed JDK versions available on the system.
See the /usr/jdk
path for the paths and symbolic linking representing the current state of default JDK.
Install Message Queue 4.3.
See Section 2.2, "Installing or Upgrading Sun Java System Message Queue." for detailed information.
Unpack the Identity Synchronization for Windows 6.0 Service Pack 1 binaries.
Change to the patch-id directory that corresponds to your platform and unzip the Identity Synchronization for Windows zip file.
For example:
$ cd 144589-01 $ unzip isw.6.0.sp1.solaris.sparc.zip
Set the DISPLAY environment variable to host:display.0
The graphic installer must not be run on a sub-display other than 0.
Install the Identity Synchronization for Windows 6.0 Service Pack 1 Core. When installation is complete, do not start the console.
For more information, see Chapter 3, Installing Core, in Oracle Identity Synchronization for Windows 6.0 Installation and Configuration Guide.
Install the HotFix-6.0SP1_COMBO_5_20110722
patch included within the 11.1.1.7.0 ODSEE release. Follow the instructions of the README
file within the hotfix path. For example on Solaris:
# unzip -q isw-generic.zip # ./Install /opt/SUNWisw /var/mps/serverroot
Configure the Identity Synchronization for Windows 6.0 Service Pack 1 Core.
For more information, see Chapter 4, Configuring Core Resources, in Oracle Identity Synchronization for Windows 6.0 Installation and Configuration Guide.
Tip:
If the console fails to start on Solaris 9, then set the following environment variable :
# export LD_LIBRARY_PATH=/usr/lib/mps/secv1:$LD_LIBRARY_PATH
Install the connectors.
For more information see "Chapter 5, Installing Connectors," in the Oracle Identity Synchronization for Windows 6.0 Installation and Configuration Guide.
Start the Identity Synchronization for Windows services.
# /etc/init.d/imq start # /etc/init.d/isw start
Synchronize existing users and user groups.
Start synchronization.
To confirm that the Identity Synchronization for Windows 6.0 Service Pack 1 installation has been successful, run the following command:
$ /opt/SUNWisw/bin/idsync -V
The output should be the same as the following:
common.jar : 6 2009Q1_SP1 (ISW build id:2010.116.1139 built by svbld) connector.jar : 6.0SP1_COMBO_5_20110722 (ISW build id:2011.203.1459 built by pduc) install.jar : 6.0SP1_COMBO_5_20110722 (ISW build id:2011.203.1459 built by pduc) registry.jar : 6.0SP1_COMBO_5_20110722 (ISW build id:2011.203.1459 built by pduc) ui.jar : 6.0SP1_COMBO_5_20110722 (ISW build id:2011.203.1459 built by pduc) watchdog.jar : 6 2009Q1_SP1 (ISW build id:2010.116.1139 built by svbld) manager.jar : 6.0SP1_COMBO_5_20110722 (ISW build id:2011.203.1459 built by pduc)