10.1 Planning to Install Password Management for Identity Manager

This section provides information prerequisites, considerations, and system setup that are needed to install Self Service Password Reset (SSPR).

10.1.1 Checklist for Installing Password Management Components

NetIQ recommends that you complete the steps in the following checklist:

	Checklist Items
	Review the planning information. For more information, see Section I, Planning to Install Identity Manager.
	Review the hardware and software requirements for the computers that will host the Identity Vault. For more information, see Meeting System Requirements.
	Ensure that Tomcat has been installed. For more information, see Installing PostgreSQL and Tomcat.
	(Conditional) To use the Apache Log4j service to record events in Tomcat, ensure that you have the appropriate files. For more information, see Using the Apache Log4j Service to Log Sign-on.
	Install SSPR: For a guided installation, see Using the Wizard to Install Self Service Password Request. For a silent installation, see Silently Installing Self Service Password Reset.
	Install and configure the identity applications to use single sign-on access and password management. For more information, see Installing the Identity Applications.

10.1.2 Prerequisites for Installing Self Service Password Reset

Your installation of NetIQ Self Service Password Reset (SSPR) should match the server requirements for the identity applications, with the following considerations:

SSPR requires TSL/SSL protocol for communication.
SSPR requires a supported version of the Tomcat application server. For more information, see Prerequisites for Installing Tomcat and the most recent Release Notes for this version.
NetIQ recommends that you review the prerequisites and requirements listed in the NetIQ Self Service Password Reset Administration Guide.

10.1.3 System Requirements for Self Service Password Reset

SSPR requires Apache Tomcat application server. The version of Tomcat must be the same as required for the identity applications.

All other server requirements match the server requirements for the identity applications. For more information, see Prerequisites and Considerations for Installing the Identity Applications and the most recent Release Notes for this version.

10.1.4 Using the Apache Log4j Service for Password Event

You can use either the Apache Log4j or java.util.logging service to record events that occur in Tomcat. The Tomcat installer in the Identity Manager installation kit includes the files that you need for Log4j. However, if you install your own version of Tomcat, you need the following files to use the Apache logging service:

log4j-1.2.16.jar
tomcat-juli-adapters.jar
tomcat-juli.jar

To add the files to your Tomcat installation, complete the following steps:

Download the “JULI” files for Tomcat v8.5.x from the Apache website:
- tomcat-juli.jar
- tomcat-juli-adapters.jar
Download the log4j-1.2.16.jar file from the Apache website.
Place the following files in the $TOMCAT_HOME\lib directory:
- log4j-1.2.16.jar
- tomcat-juli-adapters.jar
Place the tomcat-juli.jar file in the $TOMCAT_HOME/bin directory.
Specify a value for -Dlog4j.configuration in CATALINA_OPTS or create a log4j.properties file in the $TOMCAT_HOME\lib directory.