13.1 Using the Guided Process to Install Identity Reporting

The following procedure describes how to install Identity Reporting using an installation wizard. To perform a silent, unattended installation, see Installing Identity Reporting Silently.

  1. Log in to the computer where you want to install Identity Reporting.

  2. Stop Tomcat.

  3. (Conditional) If you have the .iso image file for the Identity Manager installation package, navigate to the directory containing the installation files for Identity Reporting, located by default in the \products\Reporting directory.

  4. (Conditional) If you downloaded Identity Reporting installation files from the NetIQ Downloads website, complete the following steps:

    1. Navigate to the .tgz file for the downloaded image.

    2. Extract the contents of the file to a folder on the local computer.

  5. From the directory that contains the installation files, run the rpt-install-win.exe file.

  6. In the installation program, specify the language that you want to use for installation, and then click OK.

  7. Review the Introduction text and click Next.

  8. Accept the license agreement and click Next.

  9. Complete the guided process, using the following parameters:

    • Installation Folder

      Specifies the path to a directory where the installation program creates the application files, including installation log files, helper scripts, and configuration scripts.

    • Reporting Setup

      Represents the environment and its settings to which you want to add Identity Reporting. For Identity Manager, specify the following values:

      Identity Vault Server

      Specifies the hostname to the eDirectory server.

      Secure LDAP Port

      Specifies the port you want to use to establish an LDAP connection to the eDirectory server over SSL. The default port is 636.

      Provisioning Home

      Specifies the Identity Manager provisioning home location. This can be the full application server URL or a relative path for the URL.

    • Application Server Details

      Represents Tomcat that you want to run Identity Reporting. The application server must already be installed.

      Secondary

      Specifies whether the current install is on a secondary node of a cluster.

      Tomcat root folder

      Specifies a path to the Tomcat instance. For example, C:\NetIQ\idm\apps\tomcat.

      Java JRE Base folder

      Specifies the Java JRE base folder location.

      The path contains the config update utility file and is used to launch this utility after Identity Reporting is installed.

    • Application Address

      Represents the settings for the server that hosts Identity Reporting.

      Protocol

      Specifies whether you want to use http or https. To use SSL for communication, specify https.

      Host name

      Specifies the DNS name or IP address of Tomcat. Do not use localhost.

      Port

      Specifies the port that you want Tomcat to use for communication with the Identity Reporting application.

      Connect to an external authentication server

      Specifies whether a different instance of Tomcat hosts the authentication server (OSP). The authentication server contains the list of users who can log in to Identity Reporting.

      If you select this setting, specify values for the authentication server’s Protocol, Host name, and Port.

    • Authentication Server Details

      Specifies the password for the Identity Reporting Service.

      Identity Manager uses this password to connect to the OSP client on the authentication server.

    • Database Details

      Represents the settings for the reporting database, including whether you want the installation process to create the database or generate an SQL file for creating the database later.

      Database name

      Specify the database name as per your requirement:

      • In case of a new installation, specify the name of your Reporting database. For example, idmrptdb or SIEM.

      • If you are migrating from EAS, specify the name for the EAS database, for example, SIEM.

      Database host

      Specify the database host as per your requirement:

      • In case of a new installation, specify the DNS name or IP address of the server where the database has to be created.

      • If you are migrating from EAS, specify the DNS name or IP address of the server that hosts your SIEM database.

      Database type

      Select the database that you want to use.

      If you select Oracle, specify the following details:

      • JDBC driver jar

        Specifies the path to the jar file for the Oracle JDBC driver. For example, C:\oracle\ojdbc7.jar.

        For more information, see Running Reports on an Oracle Database.

      • JDBC driver classname

        Specifies the class of the JDBC driver.

      • JDBC driver type

        Specifies the type of JDBC driver.

      If you select PostgresSQL, click Next.

      Share password

      Enables you to specify a single password for all reporting users when they connect to the database.

      Specify password for each user

      Enables you to specify a unique password for each reporting user to the database. You need to specify a password for idm_rpt_data_password, idm_rpt_cfg_password, and idmrptuserpassword.

      Database port

      Specifies the port to connect to the database.The default port is 5432.

      Configure database now or at startup

      Indicates that you have the login settings for the database so the installation program can create the database immediately or during reporting startup. You must also specify the following values:

      • DBA userid

        Specifies the name of the administrative account for the SIEM database server. For example, postgres.

      • DBA password

        Specifies the password for the administrative account for the database.

      • Test Database Connection: Indicates whether you want the installation program to test the values specified for the database.

        The installation program attempts the connection when you click Next or press Enter.

        NOTE:You can continue with installation if the database connection fails. However, after installation, you must manually create the tables and connect to the database. For more information, see Manually Generating the Database Schema.

      Generate SQL for later

      Instructs the installation program to generate a SQL file that your database administrator will use to create the database after your complete the installation process. To create the database after installation, see Manually Generating the Database Schema.

    • Default Language

      Specifies the language that you want Identity Reporting to use in searches.

    • Identity Vault Credentials

      Represents the settings that Identity Reporting uses to connect to the Identity Vault.

      Identity Vault Administrator

      Specifies the distinguished name for the LDAP Administrator. For example, cn=admin. This user must already exist in the Identity Vault.

      Identity Vault Administrator Password

      Specifies the password for the Identity Vault administrator.

      Keystore Path

      Specifies the full path to your keystore (cacerts) file of the JRE that Tomcat uses to run.

      Keystore Password

      Specifies the password for the keystore file.

      Report Admin Role Container DN

      Specify the DN for the container that stores the Report Administrator role.

      Report Admin User DN

      Specifies an existing user account in the Identity Vault that has the rights to perform administrative tasks for Identity Reporting.

    • User Application driver

      Represents the name of your application driver, driver set, and driver set container.

      User Application Driver

      Specifies the name of the User Application driver.

      Driver set name

      Specifies the name of the driver set.

      Driver set container

      Specifies the name of the driver set container.

    • Email Delivery

      Represents the settings for the SMTP server that sends report notifications. To modify these settings after installation, use the RBPM Configuration utility.

      Default email address

      Specifies the email address that you want Identity Reporting to use as the origination for email notifications.

      SMTP server

      Specifies the IP address or DNS name of the SMTP email host that Identity Reporting uses for notifications. Do not use localhost.

      SMTP server port

      Specifies the port number for the SMTP server. The default port is 465.

      Use SSL for SMTP

      Specifies whether you want to use SSL protocol for communication with the SMTP server.

      Require server authentication

      Specifies whether you want to use authentication for communication with the SMTP server. You must also specify the following values:

      • SMTP user name

        Specifies the name of an login account for the SMTP server.

      • SMTP password

        Specifies the password of a login account for the SMTP server.

    • Report Details

      Represents the settings for report definitions and completed reports.

      Keep finished reports for

      Specifies the amount of time that Identity Reporting will retain completed reports before deleting them.

      For example, to specify six months, enter 6 and then select Month.

      Location of report definitions

      Specifies a path where you want to store the report definitions.

      For example, C:\NetIQ\idm\apps\IdentityReporting.

  10. In the Pre-Installation Summary window, click Install.