4.6 Performing a Silent Installation of Identity Governance

A silent (non-interactive) installation does not display a user interface or ask the user any questions. Instead, the system uses information from the identity-governance-silent.properties file, included in the installation package. You must edit the file before beginning the installation process.

This section provides guidance for the following activities:

To prepare for the installation, review the considerations and system requirements listed in the following sections:

To perform a guided installation, see Section 4.5, Using a Guided Process to Install Identity Governance and Identity Reporting.

4.6.1 Understanding the Passwords that Identity Governance Reads from Environment Variables During the Installation Process

Identity Governance reads in the following passwords from environment variables during the silent and GUI installation processes. You must set these in the silent properties file.

  • install_authserver_client_secret: It is the password for OSP.

  • install_bootstrap_secret: It is the password for the bootstrap administrator. When using OSP, this password gets encrypted and written to a file. When using Access Manager, the user must exist in an LDAP server connected to the Access Manager IDP.

  • install_db_admin_secret: It is the password for the database administrator.

  • install_db_secret: It is the password for igops, igarc, igdcs, igwf, and igara.

  • install_db_rpt_secret: It is the password for igrptuser.

  • install_db_reporting_secret: It is the password for idm_rpt_cfg (used only in Identity Reporting installations).

  • install_truststore_secret: It is the password for the generated trust store.

  • install_smtp_secret_auth_user: It is the password for the SMTP authentication user (used only in Identity Reporting installations).

  • install_nam_admin_secret: It is the password for the Access Manager console administrator.

4.6.2 Creating a Silent Properties File for Installing on a Secondary Node

In a clustered environment, you can use the same silent properties file for each node. However, you might choose to run the guided installation on the primary node, then silently install on the secondary nodes. You can quickly create a silent properties file from the Identity_Governance_InstallLog.log file that the guided installation creates.

  1. Locate the Identity_Governance_InstallLog.log file:

    • Linux: Default location of /opt/netiq/idm/apps/idgov/logs

    • Windows: Default location of c:\netiq\idm\apps\idgov\logs

  2. Locate the sample identity-governance-install-silent.properties file, by default in the same directory as the installation scripts for Identity Governance.

  3. Open the files in a text editor.

  4. Copy the parameter values from the log file to their corresponding parameters in the silent properties file.

    The silent properties file should contain all the parameters listed between User Interactions and Summary in the log file. Do not delete INSTALLER_UI=silent or any content after # When to Configure DB?.

  5. Change the values that represent the true/false settings:

    Log file    Silent.properties file
    0           false
    1           true

  6. Change the values as specified in the following table:

    Log file                                  Silent.properties file

    install_servlet_protocol_http=1           install_servlet_protocol=http
    install_servlet_protocol_https=0

    install_servlet_protocol_http=0           install_servlet_protocol=https
    install_servlet_protocol_https=1

    install_authserver_protocol_http=1        install_authserver_protocol=http
    install_authserver_protocol_https=0

    install_authserver_protocol_http=0        install_authserver_protocol=https
    install_authserver_protocol_https=1

  7. (Conditional) If installing only Identity Reporting, change the values as specified in the following table:

    Log file                              Silent.properties file

    install_govern_protocol_http=1        install_govern_protocol=http
    install_govern_protocol_https=0

    install_govern_protocol_http=0        install_govern_protocol=https
    install_govern_protocol_https=1

    The default value in the silent properties file uses the values set for the servlet:

    • install_govern_protocol=$install_servlet_protocol$

    • install_govern_hostname=$install_servlet_hostname$

    • install_govern_port=$install_servlet_port$

  8. (Optional) Specify any number of certificate files and corresponding aliases to accept into the trust store (/opt/netiq/idm/apps/tomcat/conf/apps-truststore.pkcs12). For example:

    install_cert_1_file=/home/username/Downloads/tomcat_cert
    install_cert_1_alias=ig-tomcat
    install_cert_2_file=/home/username/Downloads/audit_cert
    install_cert_2_alias=ig-audit

    NOTE: You can specify the files in any order, but they must exist on the same machine as the Identity Governance installer. The installer starts trusting at number 1 and stops at the first missing consecutive number. For example, if you list files 1, 2, and 4, the installer trusts only certificates 1 and 2.

  9. (Optional) To prevent the installation process from creating or configuring the database, specify no for install_db_configure and leave install_db_create blank.

    For example:

    # When to Configure DB?
    # Allowable values:
    #   during - Perform configuration during installation
    #   after  - Perform configuration post install, via a generated SQL script
    #   no     - Do not perform DB configuration
    install_db_configure=no
    
    # Create DB?
    # If performing the DB configuration during installation,
    # should the installer also create the database
    # or should it use an existing database.
    #
    # Allowable values:
    #    true  - Create the database.
    #    false - Use an existing database.
    install_db_create=

    The installation process only needs the values for the databases under #Database details.

  10. Save and close the file.
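
The conversions in Steps 5 through 7 and the numbering rule in the Step 8 NOTE, as an added Python example that is not part of the product or of this guide. It assumes the log lists each parameter as one key=value line and that the caller names the true/false parameters; the sample log, install_example_flag, and the certificate paths are constructed.

```python
import re

# Parameters the log records as an _http/_https flag pair (steps 6 and 7).
PROTOCOLS = tuple(f"install_{p}_protocol" for p in ("servlet", "authserver", "govern"))

def log_to_properties(log_text, boolean_keys):
    """Convert the log parameters between 'User Interactions' and 'Summary'."""
    section = log_text.split("User Interactions", 1)[1].split("Summary", 1)[0]
    # Assumption: the log lists each parameter as one key=value line.
    raw = dict(l.strip().split("=", 1) for l in section.splitlines() if "=" in l)
    props = {}
    for name in PROTOCOLS:
        flags = (raw.pop(name + "_http", None), raw.pop(name + "_https", None))
        if flags == (None, None):
            continue  # parameter not present in this log
        if flags not in (("1", "0"), ("0", "1")):
            raise ValueError(f"{name}: exactly one of _http/_https must be 1")
        props[name] = "http" if flags[0] == "1" else "https"
    for key, value in raw.items():
        if key in boolean_keys:  # step 5: 0 -> false, 1 -> true
            value = {"0": "false", "1": "true"}.get(value, value)
        props[key] = value
    return props

def cert_trust_plan(props):
    """Step 8 NOTE: trust starts at 1 and stops at the first missing number."""
    listed = sorted(int(m.group(1)) for k in props
                    if (m := re.fullmatch(r"install_cert_(\d+)_file", k)))
    trusted = []
    while len(trusted) + 1 in listed:
        trusted.append(len(trusted) + 1)
    return trusted, [n for n in listed if n not in trusted]

# Constructed sample log; install_example_flag is a hypothetical true/false parameter.
SAMPLE_LOG = """User Interactions
install_servlet_protocol_http=0
install_servlet_protocol_https=1
install_authserver_protocol_http=1
install_authserver_protocol_https=0
install_example_flag=1
install_servlet_port=8443
Summary
"""

if __name__ == "__main__":
    props = log_to_properties(SAMPLE_LOG, {"install_example_flag"})
    for n in (1, 2, 4):  # constructed certificate entries with a gap at 3
        props[f"install_cert_{n}_file"] = f"/home/username/Downloads/cert_{n}"
    print(props, cert_trust_plan(props))
```

A non-empty second list from cert_trust_plan means certificates you listed will not be added to the trust store, so renumber them before running the installer.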

4.6.3 Running the Silent Installation

  1. Log in as root on the Linux server or as an administrator on the Windows server where you want to install Identity Governance.

  2. Stop Tomcat. For examples, see Stopping, Starting, and Restarting Tomcat.

  3. Locate the sample identity-governance-install-silent.properties file, by default in the same directory as the installation scripts for Identity Governance.

  4. (Conditional) In a non-clustered environment or when installing on the primary node, complete the following steps:

    1. In a text editor, open the identity-governance-install-silent.properties file.

    2. Specify the parameter values. For a description of the parameters, see Step 7.

    3. Save and close the file.

  5. (Conditional) When installing on a secondary node in a cluster, you can create the .properties file using the steps in Section 4.6.2, Creating a Silent Properties File for Installing on a Secondary Node.

  6. To launch the installation program, enter the following command:

    • Linux: ./identity-governance-install-linux.bin -i silent -f path_to_silent_properties_file

    • Windows: From a command line, enter: cmd /c "identity-governance-install-win.exe -i silent -f path_to_silent_properties_file"

    NOTE: If the silent properties file is in a different directory from the installation script, you must specify the full path to the file. The script unpacks the necessary files to a temporary directory and then launches the silent installation.

  7. When the installation process completes, continue to Section 6.0, Completing the Installation Process.

    NOTE: Do not start Tomcat.