37.4 Post-Installation Steps

This section provides information about updating your Tomcat environment after you install the identity applications.

If you used the convenience installer for Tomcat, the installation programs for Identity Manager configure Tomcat for you. If you installed your own Tomcat program, consider the following issues:

You can modify the Tomcat service to perform more effectively. For more information, see So You Want High Performance.
You might want to add support for logging events. For more information, see Using the Apache Log4j Service to Log Sign-on.

37.4.1 Configuring the User Application Driver for Clustering

For more information see, Configuring the User Application Driver for Clustering.

37.4.2 Passing the preferIPv4Stack Property to JVM

The identity applications use JGroups for the caching implementation. In some configurations, JGroups requires that the preferIPv4Stack property be set to true to ensure that the mcast_addr binding is successful.

Without this option, the following error might occur:

[10/1/09 16:11:22:147 EDT] 0000000d UDP           W org.jgroups.util.Util
createMulticastSocket could not bind to /228.8.8.8 (IPv4 address); make sure
your mcast_addr is of the same type as the IP stack (IPv4 or IPv6).

You might also see this error:

[3/21/12 10:04:32:470 EDT] 00000024 UDP      E org.jgroups.protocols.TP down
failed sending message to null (131 bytes)
        java.lang.Exception: dest=/228.8.8.8:45654 (134 bytes)
    at org.jgroups.protocols.UDP._send(UDP.java:353)

The parameter java.net.preferIPv4Stack=true is a system property that can be set in the same manner as other system properties such as extend.local.config.dir.

37.4.3 Checking the Health of the Server

Most loadbalancers provide a healthcheck feature for determining whether an HTTP server is up and listening. The User Application contains a URL that can be used for configuring HTTP healthchecks on your loadbalancer. The URL is:

http://<NodeIP>:port/IDMProv/jsps/healthcheck.jsp

37.4.4 Monitoring the Health Statistics

The new API allows you to retrieve information about the health of the User Application. The REST API can access the system for the currently running threads, memory consumption, cache, and cluster information and returns the information using the GET operation.

Memory information (JVM and system memory): Reads the memory related information such as system memory and memory consumed by the JVM.

For example,
```
http://<ip_addr:port>/IDMProv/rest/monitoring/statistics/memoryinfo
```
Thread information: Reads the information about the CPU-intensive threads and returns the list of top threads that cause heavy utilization of the CPU.

For example,
```
http://<ip_addr:port>/IDMProv/rest/monitoring/statistics/threadinfo
```
To access the stack trace of threads in the JVM, set the stack parameter to True.

For example,
```
http://<ip_addr:port>/IDMProv/rest/monitoring/statistics/threadinfo?stack=true
```
To specify the number of threads in the JVM, specify the value for the thread-count parameter.

For example,
```
http://<ip_addr:port>/IDMProv/rest/monitoring/statistics/threadinfo?thread-count=1
```
Cache information: Reads the cache information for the User Application.

For example,
```
http://<ip_addr:port>/IDMProv/rest/monitoring/statistics/cacheinfo
```
Cluster information: Reads the cluster related information.

For example,
```
http://<ip_addr:port>/IDMProv/rest/monitoring/statistics/clusterinfo
```

NOTE:You need to be a Security Administrator to view the User Application health statistics by using the REST API.

37.4.5 Creating Compound Indexes

After installing or upgrading the identity applications, manually create the compound indexes for each attribute that you want to use to sort users in the Identity Manager Dashboard. You can create compound indexes using ndsindex utility which is located in the eDirectory installed path. You can specify multiple attributes separated using $ sign for compound indexing. Following are the basic attributes that require compound indexing:

Surname,Given Name
Given Name,Surname
cn,Surname
Title,Surname
Telephone Number,Surname
Internet Email Address,Surname
L,Surname
OU,Surname

The following command helps you to create compound indexes using ndsindex utility:

ndsindex add [-h <hostname>] [-p <port>] -D <admin DN> -W|[-w <password>] -s <eDirectory Server DN> [<indexName1>, <indexName2>.....]

For example, to sort users based on Title, execute the following command:

Linux

ndsindex add -h <hostname> -p <ldap port> -D <admin DN> -w <admin passwd> -s <eDirectory Server DN> Title-SN\;Title\$Surname\;value

Windows

ndsindex add -h <hostname> -p <ldap port> -D <admin DN> -w <admin passwd> -s <eDirectory Server DN> Title-SN;Title$Surname;value

You can also create compound indexes using Conversion Export Utility.

You must use an LDIF file to create indexes. After the LDIF file is imported, initiate the indexing activity by triggering Limber. Otherwise, indexing takes place when Limber triggers automatically.

Example LDIF file to create compound indexes to sort users on Title attribute:

dn: cn=osg-nw5-7, o=Novell

changetype: modify

add: indexDefinition

indexDefinition: 0$sntitleindex$0$0$0$1$Title$surname

For more information LDIF files, see LDIF Files in NetIQ eDirectory Administration Guide.