11.4 Preparing Your Environment for the Identity Applications

The Identity Applications benefit from higher availability when you run them in a cluster. In addition, they support HTTP session replication and session failover. This means that if a session is in process on a node and that node fails, the session can be resumed on another server in the cluster without intervention.

This section provides instructions for preparing your environment, including a cluster environment, to function with the identity applications. You must complete the steps in this chapter in conjunction with the instructions in Using the Guided Process to Install the Identity Applications.

11.4.1 Specifying a Location for the Permission Index

When you install the identity applications, the process creates a permission index for Tomcat. If you do not specify a location for the index, the installation creates a folder in a temporary directory. For example: C:\NetIQ\idm\apps\tomcat\temp\permindex on Tomcat.

In a test environment, the location usually does not matter. However, in a production or staging environment, you might not want to place the permission index in a temporary directory.

To specify a location for the index:

  1. Stop Tomcat.

  2. In a text editor, open the ism-configuration.properties file.

  3. At the end of the file, add the following text:

    com.netiq.idm.cis.indexdir = path\permindex

    For example:

    com.netiq.idm.cis.indexdir = C:\NetIQ\idm\apps\tomcat\temp\permindex
  4. Save and close the file.

  5. Delete the existing permindex folder in the temporary directory.

  6. Start Tomcat.

To enable permission index for clustering, see Enabling the Permission Index for Clustering.

11.4.2 Preparing Your Application Server for the Identity Applications

You should prepare Tomcat that will run the identity applications. For your convenience, NetIQ provides Apache Tomcat in the installation kit. For more information about using the applications in a cluster environment, also see Preparing a Cluster for the Identity Applications.

The .iso for installing Identity Manager includes a program for installing Tomcat (and optionally PostgreSQL). For more information, see Installing PostgreSQL and Tomcat.

You can use your own Tomcat installation program instead of using the convenience installer provided in the installation package. However, if you do use a different installation program, there are additional steps you must perform for Tomcat to function correctly with the Identity Applications.

Before you start the installation process, ensure that the versions of the components you are installing are supported with this version of the Identity Applications. For more information, see Prerequisites and Considerations for Installing the Identity Applications.

  1. Install Apache Tomcat as a service on your server.

    For more information, see Tomcat Setup.

  2. Install the following components on the same server where you installed Tomcat.

  3. Copy the activemq-all-5.15.2 jar file to the C:\NetIQ\idm\apps\activemq folder.

  4. Copy the following files to the C:\NetIQ\idm\apps\tomcat\bin folder for logging.

    • log4j.jar

    • log4j.properties

    • tomcat-juli-adapters.jar

  5. Set the following properties in the setenv.bat file.

    JAVA_HOME
    JRE_HOME
    PATH (set Java path)
    JAVA_OPTS="-Xms1024m -Xmx1024m"
  6. Copy the postgresql-9.4.1212jdbc42.jar file to the C:\NetIQ\idm\apps\tomcat\bin folder.

  7. (Conditional) In a cluster environment, open the server.xml file located by default in the \TOMCAT_INSTALLED_HOME\conf\ directory in the first node of the cluster and uncomment this line:

    <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>

    Do this for all nodes in the cluster.

    For advanced Tomcat clustering configuration, follow the steps from Apache Tomcat Documentation.