3.2 Installing the Identity Server on Linux

3.2.1 Installation Requirements on Linux

  • 4 GB RAM

  • Dual CPU or Core (3.0 GHz or comparable chip)

  • 100 GB hard disk

    This amount is recommended to ensure ample space for logging in a production environment. This disk space must be local and not remote.

  • One of the following operating systems:

  • gettext

  • python (interpreter)

  • Static IP address.

IMPORTANT:

  • No LDAP software, such as eDirectory or OpenLDAP, can be installed. (A default installation of SLES installs and enables OpenLDAP.)

  • Because of library update conflicts, you cannot install Access Manager on a Linux User Management (LUM) machine.

For information about network requirements, see Section 1.3, Network Requirements.

3.2.2 Installation Procedure

Installation time: about 10 minutes.

What you need to know to install the Identity Server

  • Username and password of the administrator.

  • (Conditional) IP address of the Administration Console if it is installed on a separate machine.

  1. Open a terminal window.

  2. Log in to as a root user.

  3. Access the install script.

    1. Ensure that you have downloaded the software or that you have the CD available.

      For software download instructions, see the release-specific Readme.

    2. Do one of the following:

      • If you are installing from CD or DVD, insert the disc into the drive, then navigate to the device. The location might be /media/cdrom, /media/cdrecorder, or /media/dvdrecorder, depending on your hardware.

      • If you downloaded the tar.gz file, unzip the file by using the following command:

        tar -xzvf <filename>

    3. Change to the novell-access-manager directory.

  4. At the command prompt, run the following install script:

    ./install.sh
    
  5. When you are prompted to install a product, specify 2, Install Identity Server, then press Enter.

    This selection is also used for installing additional Identity Servers for clustering behind an L4 switch. You need to run this install for each Identity Server you add to the cluster.

    NOTE: The Administration Console is accessible on ports 2080 (HTTP) and 2443 (HTTPs) if the Identity Server is installed on the same machine.

    The following warning is displayed:

    Warning: If NAT is present between this machine and Administration Console, configure NAT in the Administration Console.
    Exit this installation if NAT is not configured in the Administration Console.
    Would you like to continue (y/n)? 
    

    For more information about how to configure NAT, see Configuring the Administration Console Behind NAT.

  6. Specify Y to proceed.

  7. Review and accept the License Agreement.

  8. Specify the IP address, user ID, and password for of the primary Administration Console. Specify the local NAT IP address if local NAT is available for the Identity Server.

    If the installation program rejects the credentials and IP address, ensure that the correct ports are open on both the Administration Console and the Identity Server, as described in Section 3.1, Prerequisites.

  9. The following components are installed:

    Component

    Description

    Access Manager Server Communication

    Enables network communications, including identifying devices, finding services, moving data packets, and maintaining data integrity.

    Identity Server

    Provides authentication and identity services for the other Access Manager components and third-party service providers.

    Identity Server Configuration

    Allows the Identity Server to be securely configured by the Administration Console.

    If the installation process terminates at this step, the probable cause is a failure to communicate with the Administration Console. Ensure that you specified the correct IP address.

    Access Manager Server Communications Configuration

    Enables the Identity Server to auto-import itself into the Administration Console.

  10. Continue with one of the following:

    NOTE:After you install an Identity Server, you must create a cluster configuration. See Identity Servers Cluster in the NetIQ Access Manager 4.1 Administration Guide .