4.1 Install the DRA Administration Server

You can install the DRA Administration Server as either a primary or secondary node in your environment. The requirements for a primary and secondary administration server are the same, however, every DRA deployment must include one primary administration server.

The DRA server package has the following features:

  • Administration Server: Stores configuration data (environmental, delegated access, and policy), executes operator and automation tasks, and audits system-wide activity. It has the following features:

    • Log Archive Resource Kit: Enables you to view audit information.

    • DRA SDK: Provides the ADSI sample scripts and helps you to create your own scripts.

  • REST Service and Endpoints: Provides the RESTful interfaces that enable the DRA Web Console and non-DRA clients to request DRA operations. This service must run on a computer with either a DRA console or the DRA Administration Service installed.

  • User Interfaces: The web client interface that is primarily used by Assistant Administrators, but also includes customization options.

    • ADSI Provider: Enables you to create your own policy scripts.

    • Command-line Interface: Enables you to perform DRA operations.

    • Delegation and Configuration: Enable system administrators access to DRA configuration and administration functions. Also, enables you to granularly specify and assign access to managed resources and tasks to Assistant Administrators.

    • PowerShell Extensions: Provides a PowerShell module that allows non-DRA clients to request DRA operations using PowerShell cmdlets.

    • Web Console: The web client interface that is primarily used by Assistant Administrators, but also includes customization options.

For information about installing specific DRA consoles and command line clients on multiple computers, see Install the DRA Clients.

4.1.1 Interactive Installation Checklist:

Step

Details

Log on to the target server

Log on to the target Microsoft Windows server for the install with an account that has local administrative privileges.

Copy and run the Admin Installation Kit

Execute the DRA installation kit (NetIQAdminInstallationKit.msi) to extract the DRA installation media to the local file system.

NOTE:The installation kit will install the .Net framework on the target server if needed.

Install DRA

Click Install DRA and Next to see the installation options.

NOTE:To run the install later, navigate to the location where the installation media was extracted (View Installation Kit), and execute Setup.exe.

Default Installation

Choose the components to install and either accept the default installation location C:\Program Files (x86)\NetIQ\DRA or specify an alternate location for the installation. Component options:

Administration Server

  • Log Archive Resource Kit

  • DRA SDK

REST Services

User Interfaces

  • ADSI Provider

  • Command-line Interface

  • Delegation and Configuration

  • PowerShell Extensions

  • Web Console

Verify prerequisites

The Prerequisites dialog will display the list of required software based on the components selected for the installation. The installer will guide you through installing any missing prerequisites that are required for the install to complete successfully.

Accept the EULA license agreement

Accept the terms of the End User License Agreement.

Specify log location

Specify a location for DRA to store all the log files.

NOTE:The Delegation and Configuration Console logs and ADSI logs are stored in the user-profile folder.

Select the Server Operation Mode

Select Primary to install the first DRA Administration Server in a multi-master set (there will be only one primary in a deployment) or Secondary to join a new DRA Administration Server to an existing multi-master set.

For information about multi-master set, see Configuring the Multi-Master Set in the DRA Administrator Guide.

Specify installation accounts and credentials

  • DRA Service Account

  • AD LDS Group

  • DRA Administrator

For more information see: DRA Administration Server, Web Console, and REST Extensions Requirements.

Configure DCOM permissions

Enable DRA to configure “Distributed COM” access to authenticated users.

Configure ports

For more information on the default ports, see Required Ports and Protocols.

Specify storage location

Specify the local file location for DRA to use for storing audit and cache data.

Specify DRA replication database location

  • Specify the file location for the DRA replication database and the replication service port.

  • Specify the SSL certificate that you want to use for secure communications with the database through IIS, and specify the IIS replication port.

Specify REST Service SSL Certificate

Select the SSL certificate you will use for the REST service, and specify the REST and Host service ports.

Specify Web Console SSL Certificate

Specify the SSL certificate you will use for the HTTPS binding.

Verify install configuration

You can verify the configuration on the installation summary page before clicking Install to proceed with the installation.

Post install verification

  • After the installation completes, the Health Check Utility will run to verify the installation and update the product license.

    For more information, see “Health Check Utility” in the DRA Administrator Guide.

  • If NTLM is disabled in your environment, perform the steps in “Configuring DRA when NTLM is Disabled” in the DRA Administrator Guide.