IBM. Installing and configuring. Version 6.4

Similar documents
Installation and Configuration Guide

Installation and Configuration Guide

Installation and Configuration Guide

IBM Operational Decision Manager Version 8 Release 5. Installation Guide

IBM Security Access Manager for Web Version 7.0. Installation Guide GC

IBM Tivoli Storage Manager for Windows Version Tivoli Monitoring for Tivoli Storage Manager

Installing and Configuring IBM Case Manager with FileNet P8 Platform on a Single Server

IBM Security Access Manager for Web Version 7.0. Upgrade Guide SC

IBM Security Identity Manager Version Installation Topics IBM

IBM Tivoli Storage Manager for AIX Version Tivoli Monitoring for Tivoli Storage Manager

IBM Security Identity Manager Version 6.0. Installation Guide GC

IBM i Version 7.2. Connecting to IBM i IBM i Access for Web IBM

Authorization C API Developer Reference

Rational Performance Tester, Version 7.0

Extended Search Administration

Version 10 Release 0 February IBM Marketing Platform Installation Guide IBM

IBM Agent Builder Version User's Guide IBM SC

Rational Systems Developer

Tivoli System Automation Application Manager

IBM. Connecting to IBM i IBM i Access for Web. IBM i 7.1

Tivoli Tivoli Intelligent ThinkDynamic Orchestrator

IBM Tivoli Storage Manager for Linux Version Tivoli Monitoring for Tivoli Storage Manager

IBM Tivoli Storage Manager for Windows Version 7.1. Installation Guide

Road Map for the Typical Installation Option of IBM Tivoli Monitoring Products, Version 5.1.0

IBM Tivoli Storage Manager for Windows Version Installation Guide

IBM Tivoli Privacy Manager for e-business. Installation Guide. Version 1.1 SC

WebSEAL Installation Guide

IBM Tivoli Directory Server. System Requirements SC

Planning and Installation

IBM Tivoli Asset Discovery for Distributed Version Installation Guide GI

Deployment Overview Guide

IBM. Installing. IBM Emptoris Suite. Version

IBM Spectrum Protect Snapshot for Oracle Version What's new Supporting multiple Oracle databases with a single instance IBM

Tivoli Tivoli Provisioning Manager

IBM Security Access Manager Version Appliance administration topics

Tivoli Tivoli Provisioning Manager

Performance Tuning Guide

Tivoli Tivoli Intelligent ThinkDynamic Orchestrator

IBM Tivoli Monitoring: AIX Premium Agent Version User's Guide SA

IBM Interact Version 9 Release 1 October 25, Installation Guide

IBM Endpoint Manager Version 9.0. Patch Management for AIX User's Guide

IBM Tivoli Storage Manager for Virtual Environments Version Data Protection for VMware Installation Guide IBM

Rational Software Architect

IBM Workplace Collaboration Services Installation and Upgrade Guide

IBM. Installing. Version 8.0

Integration Developer Version 7.0 Version 7.0. Installation Guide

DocumentationcorrectionsforIBMTivoli Storage Productivity Center V4.2

IBM. Installing, configuring, using, and troubleshooting. IBM Operations Analytics for z Systems. Version 3 Release 1

Tivoli System Automation for Multiplatforms

IBM Unica Optimize Version 8 Release 6 May 25, Installation Guide

IBM Tivoli Netcool Performance Manager Wireline Component October 2015 Document Revision R2E1. Pack Upgrade Guide IBM

Solutions for BSM Version 1.1. Solutions for BSM Guide

IBM i Version 7.2. Security Service Tools IBM

IBM Workplace Collaboration Services Installation and Upgrade Guide

IBM Leads Version 9 Release 1 October 25, Installation Guide

System i and System p. Capacity on Demand

xseries Systems Management IBM Diagnostic Data Capture 1.0 Installation and User s Guide

Tivoli System Automation for Multiplatforms

IBM Tivoli Storage Manager for AIX Version Installation Guide IBM

Managing Server Installation and Customization Guide

IBM. Client Configuration Guide. IBM Explorer for z/os. Version 3 Release 1 SC

Installation and Configuration Guide

Installation and Configuration Guide

Version 9 Release 1.2 September 23, IBM Marketing Platform Installation Guide IBM

Solutions for BSM 1.1 Expanded Operating System Release. Solutions for BSM Guide

Troubleshooting Guide

IBM Unica PredictiveInsight Version 8 Release 6 May 25, Installation Guide

IBM Security Access Manager for Web Version Application Development Kit Installation Topics

IBM Tivoli Access Manager for Linux on zseries. Installation Guide. Version 3.9 GC

IMSConnectorforJava User s Guide and Reference

IBM Maximo Anywhere Version 7 Release 6. Planning, installation, and deployment IBM

IBM Tivoli Storage Manager for Databases Version 7.1. Data Protection for Oracle for UNIX and Linux Installation and User's Guide

Monitor Developer s Guide

Live Partition Mobility ESCALA REFERENCE 86 A1 85FA 01

IBM Tivoli Access Manager forweblogicserver. User s Guide. Version 3.9 GC

IBM Spectrum Protect for Linux Version Installation Guide IBM

Connectivity Guide for Oracle Databases

IBM Features on Demand. User's Guide

IBM Security Identity Manager Version Product Overview Topics

Oracle Fusion Middleware

IBM EMM Reports Version 9 Release 1 October 25, Installation and Configuration Guide

IBM Spectrum Protect for AIX Version Installation Guide IBM

Troubleshooting Guide

WebSphere MQ. Clients GC

High Availability Guide for Distributed Systems

IBM. Planning and Installation. IBM Tivoli Workload Scheduler. Version 9 Release 1 SC

ImageUltra Builder Version 2.0. User Guide

Tivoli Identity Manager

ComposerGuideforFlexDevelopment

Installation and Setup Guide

Installing and Configuring Tivoli Enterprise Data Warehouse

IBM Security Access Manager Version June Administration topics IBM

IBM Monitoring Agent for OpenStack Version User's Guide IBM SC

IBM Campaign Version 9 Release 1.1 November 26, Installation Guide

High Availability Guide for Distributed Systems

Data Protection for IBM Domino for UNIX and Linux

IBM Sterling Gentran:Server for Windows. Installation Guide. Version 5.3.1

IBM Tivoli Storage Manager Version Single-Site Disk Solution Guide IBM

High Availability Policies Guide

IBM Tivoli Access Manager for WebSphere Application Server. User s Guide. Version 4.1 SC

Transcription:

IBM Installing and configuring Version 6.4

ii Installing and configuring

Contents Installing and configuring....... 1 Planning for installation.......... 1 Premium feature actiation......... 1 Installation oeriew........... 2 Disk space requirements......... 3 Preparation of installation media...... 5 Installation prerequisites......... 8 Installation methods.......... 11 Installation with IBM Installation Manager.... 11 IBM Installation Manager oeriew..... 11 Supported operating systems....... 12 IBM Security Directory Serer installation package types............ 12 Installation guidelines.......... 12 IBM Security Directory Serer components... 13 IBM Security Directory Serer installation customization............ 15 Default installation locations........ 16 Installation repositories......... 17 Starting the installation......... 17 Installing with IBM Installation Manager... 20 Installing the premium feature actiation package with IBM Installation Manager....... 23 Silent mode installation......... 24 Modification with IBM Installation Manager... 27 Modifying features with IBM Installation Manager.............. 27 IBM Installation Manager log files....... 30 Querying the IBM Security Directory Serer packages............... 31 Natie installation and configuration using scripts 31 Installation roadmap.......... 31 Installing IBM Security Directory Serer packages on Linux and Solaris operating systems.... 32 Verifying installation logs......... 34 Installing the premium feature actiation package with operating system command line utilities... 34 Installation of IBM DB2.......... 35 IBM SDK Jaa Technology Edition for IBM Security Directory Serer............. 36 Installation of IBM Global Security Kit..... 37 Installing GSKit with installp....... 39 Installing GSKit with Linux utilities..... 39 Installing GSKit with Solaris utilities..... 40 Installing GSKit on Windows....... 41 Installing GSKit silently on Windows..... 42 Installation of language packs........ 42 Language pack packages for installation.... 43 Installing language packs with operating system utilities............... 44 Installation with operating system command-line utilities................ 45 Installation with AIX utilities....... 46 Installation with Linux utilities....... 51 Installation with Solaris utilities...... 55 Verification of IBM Security Directory Serer features................ 58 Verifying IBM Security Directory Serer features with IBM Installation Manager....... 58 Verifying IBM Security Directory Serer features on Windows............. 59 Verifying IBM Security Directory Serer packages 60 Verifying the ersion of Web Administration Tool 60 Verifying GSKit installation on Windows... 61 Verifying GSKit on AIX, Linux, and Solaris... 61 Upgrade an instance of a preious ersion.... 62 Setting the enironment before you upgrade an instance.............. 63 Upgrading an instance of a preious ersion with the idsimigr command......... 64 Upgrade an instance of a preious ersion to a different computer........... 65 Links to client and serer utilities...... 68 Migration of data and solutions from an instance of a preious ersion............ 68 Migrating the log management solution.... 69 Migrating the SNMP solution....... 70 Migrate a preious ersion of Web Administration Tool configuration...... 71 Manual deployment of Web Administration Tool.. 76 Installing WebSphere Application Serer.... 76 Default ports for Web Administration Tool... 77 Deploying Web Administration Tool in WebSphere Application Serer....... 78 Starting WebSphere Application Serer to use Web Administration Tool......... 80 Accessing Web Administration Tool..... 80 Stopping web application serer...... 82 HTTPS with WebSphere Application Serer... 82 Undeploying Web Administration Tool from WebSphere Application Serer....... 83 Planning for an instance configuration..... 84 Users and groups that are associated with a directory serer instance......... 84 Configuration planning......... 87 UTF-8 support............ 88 ASCII characters from 33 to 126...... 92 Instance creation and administration...... 93 Starting Instance Administration Tool..... 93 Starting Instance Administration Tool to upgrade an instance............. 94 Directory serer instance creation...... 95 Instance creation with Instance Administration Tool................ 96 Instance creation from an existing instance.. 113 Start or stop a directory serer and an administration serer.......... 117 Management of a directory serer instance configuration............ 119 Modify the TCP/IP settings of an instance.. 120 View information about an instance..... 122 iii

Directory serer instance deletion..... 123 Directory structure erification....... 125 Instance configuration.......... 126 Starting Configuration Tool........ 126 Start or stop a directory serer and an administration serer with Configuration Tool. 127 Management of primary administrator DN for an instance............. 129 Management of primary administrator password for an instance........ 130 Database configuration for a directory serer instance.............. 132 Management of the DB2 database administrator password.............. 136 Database unconfiguration from a directory serer instance............ 138 Database optimization......... 140 Database maintenance......... 141 Directory serer backup......... 143 Restore a directory serer........ 145 Tuning a directory serer for performance... 147 Change log management for a directory serer instance.............. 152 Suffix configuration.......... 155 Schema management.......... 158 LDIF data management......... 161 Autostart of directory serer instances at operating system startup............. 166 Configuring autostart for a directory serer instance on Windows.......... 166 Configuring autostart for a directory serer instance on UNIX........... 168 Fix pack strategy............ 169 Installing fix packs with IBM Installation Manager.............. 170 Installing fix packs with natie scripts.... 172 Uninstalling IBM Security Directory Serer: An oeriew............... 173 Uninstallation of IBM Security Directory Serer and corequisite software.......... 174 Uninstallation with IBM Installation Manager 175 Uninstallation of IBM Security Directory Serer with operating system utilities....... 178 Uninstallation of DB2 with DB2 commands.. 183 Uninstallation of IBM Global Security Kit with operating system utilities........ 183 Uninstallation of language packs...... 186 Directory Serices Markup Language..... 187 Loading a sample database and starting the serer 187 Updating the ldapdb.properties file manually.. 188 Accessibility features for Security Directory Serer 188 Index............... 191 i Installing and configuring

Installing and configuring Planning for installation The installation and configuration topics contain information for installing, configuring, and uninstalling IBM Security Directory Serer. It also includes information about upgrading from a preious ersion. You must decide hardware, software, user roles, security and other requirements for your directory serer enironment before installation of IBM Security Directory Serer. Planning roadmap Premium feature actiation Use the checklist in this section to install a serer. If you are upgrading from a preious release, do not use this checklist. Instead, see Upgrade an instance of a preious ersion on page 62 for instructions. 1. Read a brief oeriew to understand the components of IBM Security Directory Serer. 2. Be sure that you hae the minimum required hardware and software. For information about the requirements, see System requirements and Disk space requirements on page 3. 3. Install IBM Security Directory Serer using the IBM Installation Manager. 4. On Windows systems, if the system restarts, log on as the user you were logged on as during installation. 5. Use the Instance Administration Tool to manage directory serer instances. 6. Optionally, erify the installation and configuration by loading the sample LDIF file into the database. For more information, see Loading a sample database and starting the serer on page 187. 7. Start the directory serer instance and, if you installed the Web Administration Tool, start it. 8. See the Administering section of the IBM Security Directory Serer documentation for information about setting up and using the serer and the Web Administration Tool. If you installed a full directory serer and you want to plan the organization of your database, see Configuration planning on page 87 for information. You must purchase IBM Security Directory Serer explicitly through IBM Passport Adantage to configure and use the premium features of IBM Security Directory Serer. 1

Installation oeriew Premium feature actiation is enforced through a Premium Feature Actiation Package that you can download from Passport Adantage. This package enables unlocking of the premium features of IBM Security Directory Serer when you start the serer. The following premium features are unlocked with the Premium Feature Actiation Package: IBM Security Directory Serer proxy Pass-through authentication Ability to record last successful authentication time stamp in user entries Adanced password policy rules You cannot use the premium features if you are upgrading from an earlier ersion to ersion 6.4 without the Premium Feature Actiation Package. To upgrade to the premium offering, follow these steps: 1. Purchase a product license. 2. Use the license to obtain a Passport Adantage account. 3. Download and install the Premium Feature Actiation Package from Passport Adantage. 4. Migrate the earlier ersion (6.2, 6.3, or 6.3.1) instance to ersion 6.4. For more information, see Upgrade an instance of a preious ersion. 5. Restart the serer. To actiate premium features after you install IBM Security Directory Serer, see the following topics: Installing the premium feature actiation package with IBM Installation Manager on page 23 Installing the premium feature actiation package with operating system command line utilities on page 34 You must prepare your computer and choose the appropriate IBM Security Directory Serer installation mode that is applicable for your operating system. The following installation methods are aailable for supported operating systems: IBM Installation Manager AIX Linux x86-64 Windows x86-64 Window 32-bit (client only) Natie wrapper installer scripts Linux i/pseries Linux zseries Solaris SPARC For installation on any other supported operating system, you can use the operating system command-line utilites to install IBM Security Directory Serer. 2 Installing and configuring

With the installer that is based on IBM Installation Manager, GUI and silent installation is supported for IBM Security Directory Serer. Disk space requirements For successful installation of IBM Security Directory Serer and the corequisite software, your computer must contain the required disk space. The disk space requirements ary based on the operating system and the IBM Security Directory Serer feature and the corequisite software that you select for installation. Disk space requirements on Windows Note: If you select the Proxy Serer or Full Directory Serer feature for installation, add the sizes for the Client SDK, IBM SDK Jaa Technology Edition, and Jaa Client once. Table 1. Approximate disk space requirements for IBM Security Directory Serer features and the corequisite software on Windows Installable Feature Client Software Deelopment Kit IBM SDK Jaa Technology Edition Jaa Client Deployed Web Administration Tool (includes WebSphere Application Serer and the Web Administration Tool that is deployed into WebSphere Application Serer) Web Administration Tool deployment in existing WebSphere Application Serer Base Serer Proxy Serer (be sure to add the sizes for the Client SDK, Jaa Client, and Base Serer) Full Directory Serer (be sure to add the sizes for the Client SDK, Jaa Client, and Base Serer) DB2 IBM Global Security Kit Disk Space for Installation (in MB) 25 MB 200 MB 124 MB 440 MB 260 MB 23 MB 40 MB 8 MB 763 MB 11 MB Disk space requirements on AIX Note: If you select the Proxy Serer or Full Directory Serer feature for installation, add the sizes for the Client SDK, IBM SDK Jaa Technology Edition, and Jaa Client once. Table 2. Approximate disk space requirements for IBM Security Directory Serer features and the corequisite software on AIX Installable Feature Client Software Deelopment Kit IBM SDK Jaa Technology Edition Jaa Client Disk Space for Installation (in MB) 8 MB 200 MB 91 MB Installing and configuring 3

Table 2. Approximate disk space requirements for IBM Security Directory Serer features and the corequisite software on AIX (continued) Installable Feature Deployed Web Administration Tool (includes WebSphere Application Serer and the Web Administration Tool that is deployed into WebSphere Application Serer) Web Administration Tool deployment in existing WebSphere Application Serer SSL Web Administration Tool Base Serer Proxy Serer (be sure to add the sizes for the Client SDK, Jaa Client, and Base Serer) Full Directory Serer (be sure to add the sizes for the Client SDK, Jaa Client, and Base Serer) DB2 IBM Global Security Kit Disk Space for Installation (in MB) 443 MB 500 MB 51 MB 39 MB 4 MB 12 MB 1250 MB 16 MB Disk space requirements on Linux Note: If you select the Proxy Serer or Full Directory Serer feature for installation, add the sizes for the Client SDK, IBM SDK Jaa Technology Edition, and Jaa Client once. Table 3. Approximate disk space requirements for IBM Security Directory Serer features and the corequisite software on Linux Installable Feature Client Software Deelopment Kit IBM SDK Jaa Technology Edition Jaa Client Deployed Web Administration Tool (includes WebSphere Application Serer and the Web Administration Tool that is deployed into WebSphere Application Serer) Web Administration Tool deployment in existing WebSphere Application Serer Base Serer Proxy Serer (be sure to add the sizes for the Client SDK, Jaa Client, and Base Serer) Full Directory Serer (be sure to add the sizes for the Client SDK, Jaa Client, and Base Serer) DB2 (System x Linux) DB2 (System zlinux) DB2 (System i and System p Linux) DB2 (AMD64/EM64T Linux) IBM Global Security Kit Disk Space for Installation (in MB) 9 MB 200 MB 166 MB 443 MB 375 MB 32 MB 40 MB 8 MB 460 MB 670 MB 520 MB 1300 MB 40 MB 4 Installing and configuring

Note: (Applicable for installer that is IBM Installation Manager.) In the shared resources directory, 200 MB of hard disk space is required. In the installation directory of IBM Security Directory Serer, an additional 200 MB of hard disk space is required. Space requirement for default temp directory of system: If DB2 is selected for installation, then 2048 MB + 500 MB free space in the temp directory is required. Without DB2, 500 MB free space in the temp directory is required. Disk space requirements on Solaris Note: If you select the Serer and Proxy Serer feature for installation, add the sizes for the C Client, IBM SDK Jaa Technology Edition, and Jaa Client once. Table 4. Approximate disk space requirements for IBM Security Directory Serer features and the corequisite software on Solaris Installable feature C Client IBM SDK Jaa Technology Edition Jaa Client Disk space for installation (in MB) 11 MB 145 MB Remarks Serer 47 MB Add C Client and Jaa Client sizes Proxy Serer 40 MB Add C Client and Jaa Client sizes Web Administration Tool 470 MB Includes WebSphere Application Serer, and Web Administration Tool that is deployed into WebSphere Application Serer DB2 IBM Global Security Kit 1155 MB 34 MB Preparation of installation media The IBM Security Directory Serer product package includes IBM Security Directory Serer, the corequisite software, and the installation program. You can obtain the installation media from the installation DVDs or from the Passport Adantage website. The IBM Security Directory Serer product is aailable as an iso file. An iso file contains IBM Security Directory Serer installables and all of its prerequisites and co-requisites, which include the following software: DB2, Version 10.5.0.4 GSKit, Version 8.0.50.34 IBM SDK Jaa Technology Edition, Version 6 SR 16 IBM Installation Manager, Version 1.8.0 Note: WebSphere Application Serer is not proided with the IBM Security Directory Serer installation package. You must download WebSphere Application Serer, Installing and configuring 5

6 Installing and configuring Version 8.5.5 from Passport Adantage and install it separately. For more information, see the IBM Knowledge Center for WebSphere Application Serer. DB2, Version 10.5.0.4 is shipped with IBM Security Directory Serer, Version 6.4. Howeer, the minimum supported ersion that you can use with IBM Security Directory Serer, Version 6.4 is DB2, Version 10.1.0.2. GSKit, Version 8.0.50.34 is shipped with IBM Security Directory Serer, Version 6.4. Howeer, the minimum supported ersion that you can use with IBM Security Directory Serer, Version 6.4 is GSKit, Version 8.0.14.24. To use DVD as your installation media, you must complete one of the following tasks: Create a DVD image from the IBM Security Directory Serer product image for your operating system. Store the IBM Security Directory Serer product image on the hard disk of the computer and mount it if required. To download the IBM Security Directory Serer product from Passport Adantage, see Downloading the software from Passport Adantage. After you prepare you installation media, you must meet the prerequisite software requirements for your operating system. See Installation prerequisites on page 8. Downloading the software from Passport Adantage For the installation of IBM Security Directory Serer, you must download the software from IBM Passport Adantage. Before you begin You must register and obtain a customer account number and password to access IBM Passport Adantage. 1. Go to the IBM Passport Adantage website at http://www.ibm.com/software/ howtobuy/passportadantage/pao_customers.htm. 2. Click Customer sign in. 3. In the IBM ID field, enter your IBM ID. 4. In the Password field, enter your password. 5. Click Sign in. 6. Follow the instructions to download the IBM Security Directory Serer software. Directory structure of downloaded files You must erify the directory structure after you download the installation files for IBM Security Directory Serer. Linux x86_64 ibm_db2/ ibm_gskit/ ibm_im_32bit/ ibm_im_64bit/ ibm_jdk/ ibm_sds/ images/

imlauncherlinux.sh launchpad/ launchpad.sh license/ quickstart/ sds_install.xml SilentInstallScripts/ tools/ write_sds_path.sh Windows x86_64 autorun.inf ibm_db2\ ibm_gskit\ ibm_im_32bit\ ibm_im_64bit\ ibm_jdk\ ibm_sds\ imlauncherwindows.bat launchpad\ launchpad64.exe launchpad64.ini launchpad.exe launchpad.ini license\ quickstart\ sds_install.xml SilentInstallScripts\ tools\ write_sds_path.bat AIX ppc64 ibm_db2/ ibm_gskit/ ibm_im/ ibm_jdk/ ibm_sds/ images/ launchpad/ launchpad.sh license/ quickstart/ sds_install.xml SilentInstallScripts/ tools/ write_sds_path.sh Linux i/pseries, Linux s390, and Solaris SPARC db2 gskit ids_detectgskitversion idsinstall_i idsnatieinstall.sh images jdk license Installing and configuring 7

quickstart responsefile.txt tools Installation prerequisites Installation of IBM Security Directory Serer and its corequisite software might require the installation of prerequisites for your operating system. The prerequisites software must be installed before the installation of IBM Security Directory Serer and its corequisite software. Additional prerequisites You must update your system with the prerequisites that are required for the installation of IBM Security Directory Serer and its corequisite products. See the System requirements section for links that list the prerequisites for IBM Security Directory Serer and its corequisite products on each supported operating system. The following requirements are prerequisites that must be met for specific operating systems in addition to those specified in the system requirements. The Korn shell is required on AIX, Linux, and Solaris operating systems. On SuSE Linux Enterprise Serer, PDKSH is required. For installation of rpm packages on AIX, download the rpm package manager for AIX systems from the following location: ftp://public.dhe.ibm.com/aix/ freesoftware/aixtoolbox/installp/ppc/rpm.rte IBM IBM XL C/C++ for AIX, Version 13.1.0.1 or later is required on AIX systems. To check the leel of the IBM XL C runtime, use the following command: lslpp -l xlc\* Table 5. The prerequisite packages that are required on an AIX operating system Packages Reason Download address Mozilla Firefox web browser for AIX gtk+ RPM (gtk2-2.10.6-4.aix5.2.ppc.rpm) X11.adt.lib fileset To open the launchpad on AIX, a supported ersion of browser must exist. Eclipse changed the window system requirement from motif to gtk on UNIX operating systems. For AIX, this Eclipse window system change requires the gtk libraries to be installed to support the GUI. For IBM Installation Manager, the GUI is the wizard mode of operation. The X11.adt.lib fileset is a prerequisite for installing the idsldap.cltjaa64 and idsldap.webadmin64 packages on AIX systems. For more information about the web browsers for AIX, see the http:// www.ibm.com/systems/ power/software/aix/ browsers/ website. For more information about installation of the gtk libraries, see the Required gtk libraries for IBM Installation Manager on AIX technote at the http://www.ibm.com/ support/ dociew.wss?uid=swg21631478website. 8 Installing and configuring

Table 5. The prerequisite packages that are required on an AIX operating system (continued) Packages Reason Download address xlc.rte 13.1.0.0 and xlc.aix61.rte 12.1.0.0 or later leels bos.loc.iso.en_us 5.3.0.0 The IBM C++ Runtime Enironment Components for AIX requires the xlc.rte 13.1.0.0 and xlc.aix61.rte 12.1.0.0 runtime leels or later. IBM Security Directory Serer, ersion 6.4 requires the minimum base leel system locale fileset leel at bos.loc.iso.en_us 5.3.0.0. The idsldap user and group If you select the Serer or the Proxy Serer feature for installation, the installation program can create the idsldap user and group. The installation program creates the idsldap user and group if they do not exist. Note: On AIX, Linux, and Solaris, installation with the operating system utilities creates the idsldap user if it does not exist. Howeer, if the /home/idsldap directory exists on Linux and AIX or the /export/home/idsldap directory exist on Solaris, it might not be possible to create the idsldap user. Therefore, you must ensure that the home directory for idsldap does not exist if the idsldap user does not exist. If your enironment requires that you to control the idsldap user and group, you can create them before the installation. The idsldap user and group must meet the following requirements: The idsldap user must be a member of the idsldap group. On AIX, Linux, and Solaris, the root user must be a member of the idsldap group. On Windows, the Administrator must be a member of the idsldap group. The idsldap user must hae a home directory. On AIX, Linux, and Solaris, the default shell for the idsldap user must be the Korn shell. The idsldap user can hae a password, but is not a must. The idsldap user can be the owner of the director serer instance. You must meet all the requirements before the IBM Security Directory Serer installation. If the idsldap user exists but does not meet the requirements, the Proxy Serer feature installation might fail. Note: For more information about the user ID requirements for an instance, directory instance, database owner, see Users and groups that are associated with a directory serer instance on page 84. You can use Instance Administration Tool to create users and groups when you create a directory serer instance. You can also use the operating system utilities to create the idsldap user and group and set them up correctly. Installing and configuring 9

Examples Run the following operating system utilities to create the idsldap group, the idsldap user, password, and to add root as a member of the idsldap group. On AIX systems: To create the idsldap group, run the following command: mkgroup idsldap To create the idsldap user ID as a member of the idsldap group and to set the Korn shell as the default shell, run the following command: mkuser pgrp=idsldap home=/home/idsldap shell=/bin/ksh idsldap To set the password for the idsldap user, run the following command: passwd idsldap To add the root user ID as a member of the idsldap group, run the following command: /usr/bin/chgrpmem -m + root idsldap On Linux systems: To create the idsldap group, run the following command: groupadd idsldap To create the idsldap user ID as a member of the idsldap group and to set the Korn shell as the default shell, run the following command: useradd -g idsldap -d /home/idsldap -m -s /bin/ksh idsldap To set the password for the idsldap user, run the following command: passwd idsldap To add the root user ID as a member of the idsldap group, run the following command: usermod -G idsldap,rootgroups root You can retriee the alues of rootgroups for your computer with the groups root command. On Solaris systems: To create the idsldap group, run the following command: groupadd idsldap To create the idsldap user ID as a member of the idsldap group and to set the Korn shell as the default shell, run the following command: useradd -g idsldap -d /export/home/idsldap -m -s /bin/ksh idsldap To set the password for the idsldap user, run the following command: passwd idsldap To add the root user ID as a member of the idsldap group, run the following command: usermod -G idsldap,root idsldap To modify the root user ID so that root is a member of the group idsldap, use an appropriate tool. For more information about the command to add user and group, see the documentation for your operating system. 10 Installing and configuring

Installation methods For the installation of IBM Security Directory Serer and its corequisite software, you must choose the appropriate installation method that suits best for your enironment. You can use the following methods for the installation of IBM Security Directory Serer and its corequisite software: Installation with IBM Installation Manager Installation with operating system command-line utilities CAUTION: You must not use different modes of installation on the same computer. You must run IBM Security Directory Serer installation with IBM Installation Manager or operating system command-line utilities, but not both. If you mix the two modes of installation, the installation might not include all the correct packages for a feature. You must aoid manual installation of DB2 in its default installation path that is used by IBM Installation Manager. Such manual installation might cause installation, modification, or uninstallation failures when you run these operations with IBM Installation Manager. For more information about the default installation path, see Default installation locations on page 16. Installation with IBM Installation Manager IBM Installation Manager is a tool that you can use for the installation and maintenance of IBM Security Directory Serer and its corequisite software. IBM Installation Manager oeriew IBM Installation Manager is an installation wizard that guides you through the steps to install, modify, update, roll back, or uninstall IBM products. It can use remote or local software repositories for installation. IBM Installation Manager also helps you manage the IBM applications or packages that it installs on your computer in the following ways: Keeps record of what you installed Determines and shows packages that are aailable for installation Checks prerequisites and interdependencies IBM Installation Manager includes six wizards that make it easy to maintain packages: The Install wizard walks you through the installation process. You can install one or more packages at a time. You can accept the default settings or you can modify the settings to create a custom installation where possible. Before you install, you get a complete summary of your selections throughout the wizard. The Update wizard searches for aailable updates to packages that are installed on your system. Details of the contents of the update are proided in the wizard. You can choose whether to apply an update. The Modify wizard helps you modify certain elements of a package that you already installed. During the first installation of the package, you select the features that you want to install. Later, if you require other features, you can use the modify packages wizard to add them to your package. You can also remoe features. Installing and configuring 11

The Manage Licenses wizard helps you set up the licenses for your packages. Use this wizard to change your trial license to a full license, to set up your serers for floating licenses, and to select which type of license to use for each package. The Roll Back wizard helps you to reert to a preious ersion of a package. The Uninstall wizard remoes a package from your computer. You can uninstall more than one package at a time. For more information, see the IBM Knowledge Center for IBM Installation Manager. Supported operating systems You can use IBM Installation Manager for the installation of IBM Security Directory Serer on AIX, Linux, and Microsoft Windows. For a list of the ersions of the operating systems that are supported for installation of IBM Security Directory Serer with IBM Installation Manager, see System requirements. IBM Security Directory Serer installation package types To choose the correct IBM Security Directory Serer installation package, you must know the aailable installation package types. The following IBM Security Directory Serer installation package types are aailable for installation with IBM Installation Manager: Table 6. IBM Security Directory Serer installation package type and the aailable features for installation All features Features in full product installer DB2 Yes No IBM Global Security Kit Yes Yes C Client Yes Yes IBM SDK Jaa Technology Edition Yes Features in client-only installer Yes Jaa Client Yes Yes Serer Yes No Proxy Serer Yes No Web Administration Tool Yes No Installation guidelines You must consider some restrictions before you begin the installation of IBM Security Directory Serer with the IBM Installation Manager. Installation method When you install IBM Security Directory Serer, you can choose to install with either the IBM Installation Manager or the command-line utilities of the operating system. For any future installation or uninstallation of IBM Security Directory Serer packages, features, and fix packs, you must use the same installation method on a system. For example, if you install IBM Security Directory Serer with the IBM Installation Manager, you must not 12 Installing and configuring

use command-line utilities to install features or to uninstall the product. If you do so, the IBM Security Directory Serer setup might get corrupted or become unusable. IBM Installation Manager ersion IBM Installation Manager, Version 1.8.0 is supported for installation of IBM Security Directory Serer. An error message is displayed on the Install Packages page of IBM Installation Manager and you cannot proceed with the installation in the following scenarios: You try to start the installation of IBM Security Directory Serer with a preious ersion of IBM Installation Manager. A preious ersion of IBM Installation Manager is detected when you start the installation of IBM Security Directory Serer from the Launchpad program. Multiple installations You cannot install multiple copies of the same ersion of IBM Security Directory Serer on the same system. When you select the installation package for the same ersion again, IBM Installation Manager generates a warning message and you cannot proceed with the installation. Howeer, different ersions of IBM Security Directory Serer can coexist on the same system. Installation location on AIX and Linux systems: IBM Security Directory Serer can be installed only at the predefined location on the AIX and Linux systems. The path is specified by default in the Installation Directory field in IBM Installation Manager. Though this field is editable in IBM Installation Manager, if you change the path that is specified by default, you cannot click Next to proceed with the installation. You must reert to the default installation path for IBM Security Directory Serer. This restriction does not apply to Microsoft Windows operating systems. IBM Security Directory Serer can be installed at any custom location on Microsoft Windows operating systems. Een if you select a custom installation location for IBM Security Directory Serer, the idsinstinfo directory and the idsinstances.ldif file that it contains are always created on the partition that is specified by %SystemDrie%. If IBM Security Directory Serer is installed on the E: drie and the operating system is on the C: drie, you might obsere the following changes: The idsinstinfo directory is created in the C: drie (C:\idsinstinfo), instead of in the E:\Program Files\IBM\ldap directory. To know more about the default installation locations, see Default installation locations on page 16. IBM Security Directory Serer components When you install IBM Security Directory Serer with the IBM Installation Manager, you can select the components that you want to install. IBM Installation Manager displays the dependencies of each component that you select. The following IBM Security Directory Serer components are aailable for installation: DB2 You can install DB2 as a feature. If a supported ersion of DB2 is installed, you do not require to install DB2 that is proided with the IBM Security Installing and configuring 13

Directory Serer package. For information about supported ersions of DB2 for arious operating systems, see IBM Security Directory Serer Product Oeriew. DB2 is required for the full directory serer because directory data is stored in a DB2 database. DB2 is not required for Proxy Serer. IBM Global Security Kit (GSKit) You can install GSKit as a feature along with other features of IBM Security Directory Serer. GSKit is an optional feature that is required only if you want to use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) communication protocol. GSKit must be installed on both serer and client systems to establish and use secure connections. C Client You can install C Client as a feature either by itself or along with other features of IBM Security Directory Serer. The C Client feature does not hae any dependency on other features. Howeer, the Serer and Proxy Serer features are dependent on the C Client. When you install the Serer or Proxy Serer feature, the C Client feature is automatically selected for installation. C Client is client Software Deelopment Kit (SDK) that proides the tools that are required to deelop C-language LDAP applications. C Client package contains the following files and applications: Client libraries that proide a set of C-language application programming interfaces (APIs) C header files to build and compile LDAP applications C serer and client utilities Sample programs in source form IBM SDK Jaa Technology Edition You can install IBM SDK Jaa Technology Edition as a feature either by itself or along with other features of IBM Security Directory Serer. When you choose to install IBM SDK Jaa Technology Edition, IBM Installation Manager extracts the compressed file to the jaa subdirectory in the IBM Security Directory Serer installation location. IBM SDK Jaa Technology Edition is required to compile Jaa sample programs, and to run Jaa programs, such as Instance Administration Tool (idsxinst) and Configuration Tool (idsxcfg). Jaa Client You can install Jaa Client as a feature either by itself or along with other features of IBM Security Directory Serer. The Jaa Client feature does not hae any dependency on other features. Howeer, the Serer and Proxy Serer features are dependent on the Jaa Client. When you install the Serer or Proxy Serer feature, the Jaa Client feature is automatically selected for installation. Jaa Client includes the IBM Security Directory Serer JNDI toolkit and Jaa client utilities. Serer You can install Serer as a feature along with other features of IBM Security Directory Serer. The Serer feature has dependency on the C Client and Jaa Client features. When you select the Serer feature for installation, the C Client and Jaa Client features are selected for installation. 14 Installing and configuring

Serer is required to create a full directory serer or an LDAP serer. You must configure a full directory serer with a database instance. It processes client requests that require accessing entries that are stored in the database. DB2 is required for a full directory serer. Proxy Serer You can install Proxy Serer as a feature along with other features of IBM Security Directory Serer. The Proxy Serer feature has dependency on the C Client and Jaa Client features. When you select the Proxy Serer feature for installation, the C Client and Jaa Client features are selected for installation. Proxy Serer is an LDAP serer that acts as a front end to the directory. It authenticates client requests for the entire directory and routes requests to full directory serers. Proxy Serer can also be used at the front end of a serer cluster or a distributed directory to proide failoer and load balancing. Web Administration Tool You can install Web Administration Tool as a feature either by itself or along with other features of IBM Security Directory Serer. Web Administration Tool is an optional feature that is required if you want to manage your directory serer remotely. To use Web Administration Tool, you must deploy it on a supported ersion of WebSphere Application Serer. Note: WebSphere Application Serer is not proided with the IBM Security Directory Serer installation package. You must download WebSphere Application Serer, Version 8.5.5 from Passport Adantage and install it separately. For more information, see the IBM Knowledge Center for WebSphere Application Serer. When you install Web Administration Tool, Directory Serices Markup Language (DSML) files are also copied to your computer. For more information about DSML, see Directory Serices Markup Language on page 187. You can use Web Administration Tool as a console to manage directory serers, which can be of the following types: IBM Security Directory Serer, ersion 6.4 IBM Security Directory Serer, ersion 6.3 IBM Security Directory Serer, ersion 6.2 IBM Security Directory Serer installation customization You can customize the IBM Security Directory Serer installation to suit your product usage. You can categorize the IBM Security Directory Serer installation for the following purpose: Complete product Full directory serer Proxy serer Client Remote serer management with Web Administration Tool Installing and configuring 15

Table 7. IBM Security Directory Serer features for installation based on the product usage All features Full directory serer Proxy serer Client Remote serer management with Web Administration Tool DB2 Yes No No No IBM Global Security Kit Yes Yes Yes No C Client Yes Yes Yes No IBM SDK Jaa Technology Edition Yes Yes Yes No Jaa Client Yes Yes Yes No Serer Yes No No No Proxy Serer No Yes No No Web Administration Tool Optional Optional No Yes Default installation locations If you run IBM Installation Manager for installation, IBM Security Directory Serer and its corequisite software is installed in the predefined installation location. Table 8. The default installation location of IBM Security Directory Serer, DB2, and IBM SDK Jaa Technology Edition. Operating system IBM Security Directory Serer DB2 IBM SDK Jaa Technology Edition Linux /opt/ibm/ldap/v6.4 /opt/ibm/ sdsv6.4db2 AIX /opt/ibm/ldap/v6.4 /opt/ibm/ sdsv6.4db2 Microsoft Windows C:\Program Files\IBM\ldap\V6.4 C:\Program Files\IBM\ sdsv6.4db2 /opt/ibm/ldap/ V6.4/jaa /opt/ibm/ldap/ V6.4/jaa C:\Program Files\IBM\ldap\ V6.4\jaa IBM Security Directory Serer can be installed only at the predefined location on the AIX and Linux systems. The path is specified by default in the Installation Directory field in IBM Installation Manager. Though this field is editable in IBM Installation Manager, if you change the path that is specified by default, you cannot click Next to proceed with the installation. You must reert to the default installation path for IBM Security Directory Serer. This restriction does not apply to Microsoft Windows operating systems. IBM Security Directory Serer can be installed at any custom location on Microsoft Windows operating systems. Een if you select a custom installation location for IBM Security Directory Serer, the idsinstinfo directory and the idsinstances.ldif file that it contains are always created on the partition that is specified by %SystemDrie%. If IBM Security Directory Serer is installed on the E: drie and the operating system is on the C: drie, you might obsere the following changes: 16 Installing and configuring

The idsinstinfo directory is created in the C: drie (C:\idsinstinfo), instead of in the E:\Program Files\IBM\ldap directory. Installation repositories The installation repository is the location where the IBM Security Directory Serer packages are aailable for installation. You can install IBM Security Directory Serer from one of the following locations: Product setup disk Remote shared drie or a local directory that contains an electronic image of the installation package You can use the repository to start an installation in the following ways: Use the Launchpad to start an installation from: A product setup disk An electronic image of the installation package on a remote shared drie or local directory When you use the Launchpad, the installation process is already configured with the location of the repository that contains the installation package. Start IBM Installation Manager directly and specify the repository preferences manually. For example: The URL for the repository on a web serer The path to a remote shared drie that contains the product package Starting the installation You can start the installation of IBM Security Directory Serer either by using the Launchpad or by using IBM Installation Manager set with repository preferences. Starting the installation with the launchpad The launchpad proides a single location to start the installation process. About this task You can use the launchpad to start an installation in the following scenarios: Installation from a product setup disk. Installation from a local directory or remote shared drie that contains an electronic image of the product package. When you use the launchpad to start the installation, IBM Installation Manager is automatically installed if a supported ersion is not on your system. 1. Go to the root directory of your installation package. If you are using the IBM Security Directory Serer product setup disk, insert the disk in the disk drie. If you are installing from electronic image of the product installation package, change to the directory where the image is located. 2. Start the launchpad. Note: For Windows operating systems, right-click the.exe file for the launchpad, and select Run as administrator. Installing and configuring 17

Operating system Windows 32-bit Windows 64-bit AIX and Linux Command to run: launchpad.exe launchpad64.exe./launchpad.sh IBM Security Directory Serer launchpad starts and the Welcome page is displayed. 3. On the Welcome page, select the language from the Select a language list, and click OK. 4. On the left naigation area, click IBM Security Directory Serer Installation. 5. On the Installation page, click the Launch the IBM Security Directory Serer installer link. IBM Installation Manager starts. 6. Ensure that the following packages are selected for installation: IBM Installation Manager (It is listed only if a supported ersion is not already installed on your system.) IBM Security Directory Serer 7. Continue with the steps to install IBM Security Directory Serer. See Installing with IBM Installation Manager on page 20. 8. After you finish the installation, click Exit. Results When you use the launchpad to start the IBM Security Directory Serer installation, the launchpad creates a temporary file, sds64.temp, which contains the media path name. The sds64.temp file is created in the following location on the operating system: AIX and Linux /tmp Microsoft Windows The default temporary directory of the system set in the TEMP ariable. You cannot install multiple copies of the same ersion of IBM Security Directory Serer on the same system. When you select the installation package for the same ersion again, IBM Installation Manager generates a warning message and you cannot proceed with the installation. Howeer, different ersions of IBM Security Directory Serer can coexist on the same system. What to do next Proceed with the steps to install IBM Security Directory Serer. See Installing with IBM Installation Manager on page 20. Starting the installation by setting repository preferences If the supported ersion of IBM Installation Manager is installed on your system, you can start it directly and specify the repository preferences. Before you begin IBM Installation Manager, Version 1.8.0 is supported for installation of IBM Security Directory Serer. An error message is displayed on the Install Packages page of IBM Installation Manager and you cannot proceed with the installation in the following scenarios: 18 Installing and configuring

You try to start the installation of IBM Security Directory Serer with a preious ersion of IBM Installation Manager. A preious ersion of IBM Installation Manager is detected when you start the installation of IBM Security Directory Serer from the Launchpad program. If your system contains IBM Installation Manager earlier than ersion 1.8.0, you must upgrade to ersion 1.8.0. You can choose one of the following ways to install the required IBM Installation Manager ersion. Start the IBM Installation Manager installation with the Launchpad. For more information, see Starting the installation with the launchpad on page 17. Download IBM Installation Manager, Version 1.8.0 for your operating system. For more information about silent mode installation of IBM Installation Manager, see the IBM Installation Manager documentation at http://www-01.ibm.com/ support/knowledgecenter/ssdv2w/welcome. About this task You can start the installation by setting the repository preferences in the following installation scenarios: Installation from a local directory or remote shared drie that contains the product package that is downloaded from IBM Passport Adantage. Installation from a URL for the repository on a web serer. 1. Start IBM Installation Manager. Windows From the Start menu, click All Programs > IBM Installation Manager > IBM Installation Manager. AIX and Linux Enter the following command at the command prompt. Modify the following default path if IBM Installation Manager is installed at a different location. /opt/ibm/installationmanager/eclipse/ibmim 2. On the Start page of IBM Installation Manager, click File > Preferences. 3. On the Repositories page, click Add Repository. 4. In the Add Repository page, enter the URL of the repository location or browse to it and set a file path. 5. Click OK. If you proided an HTTPS or restricted repository location, then you are prompted to enter a user ID and password. The new or changed repository location is listed. 6. To erify the repository access, click Test Connections. 7. Click OK to exit the Repositories page. Results You cannot install multiple copies of the same ersion of IBM Security Directory Serer on the same system. When you select the installation package for the same ersion again, IBM Installation Manager generates a warning message and you cannot proceed with the installation. Howeer, different ersions of IBM Security Directory Serer can coexist on the same system. Installing and configuring 19

What to do next Proceed with the steps to install IBM Security Directory Serer. See Installing with IBM Installation Manager. Installing with IBM Installation Manager Complete the steps to install IBM Security Directory Serer with the IBM Installation Manager. Before you begin Start the installation. 1. On the IBM Installation Manager Start page, click Install. 2. On the Install Packages page, select the IBM Security Directory Serer package for installation. 3. Click Next. IBM Installation Manager checks for the prerequisite packages on your computer. 4. If your computer does not meet the prerequisites check, the Validation Results page shows the prerequisites. a. To erify whether the prerequisite requirements are met after you install the prerequisite packages, click Recheck Status. For more information about the prerequisites, see Additional prerequisites on page 8. b. If all prerequisites are met, click Next. 5. Click I accept the terms in the license agreement, and click Next. The shared resources directory location is displayed. 6. Optional: Use the default path or specify a path in the Shared Resources Directory field. The shared resources directory is the directory where installation artifacts are stored so that they can be used by one or more product package groups. You can specify the shared resources directory only the first time that you install a package. 7. Click Next. The package group name and the default installation location are shown. The Create a new package group option is selected by default and only this option is supported for the installation of IBM Security Directory Serer. A package group represents a directory in which packages share resources with other packages in the same group. A package group is assigned a name automatically. Restriction: IBM Security Directory Serer can be installed only at the predefined location on the AIX and Linux systems. The path is specified by default in the Installation Directory field in IBM Installation Manager. Though this field is editable in IBM Installation Manager, if you change the path that is specified by default, you cannot click Next to proceed with the installation. You must reert to the default installation path for IBM Security Directory Serer. For a list of the default installation locations on arious operating systems, see Default installation locations on page 16. This restriction does not apply to Microsoft Windows operating systems. IBM Security Directory Serer can be installed at any custom location on Microsoft 20 Installing and configuring

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback