1.2 Recommended Installation Scenarios and Server Setup

When you perform a standalone installation, you should install the components in a specific order and on specific servers. The installation programs for some components require information about previously installed components.

This section helps you determine the installation order and server setup in a single-server or in a distributed environment.

1.2.1 Deciding When to Install SLM for IGA

Sentinel is the preferred audit event destination for Identity Manager. Identity Manager provides event forwarding capabilities to Sentinel by configuring Sentinel Link using Sentinel Event Source Management (ESM). If you are already using Sentinel for auditing or as an integration framework for tracking identities, you might choose to use your existing Sentinel for auditing events instead of installing SLM for IGA.

Regardless of whether you choose to reuse your existing Sentinel server or perform a new installation of SLM for IGA shipped with Identity Manager, you must configure the Sentinel server as a source of audit data. You do this by creating a data synchronization policy on the Sentinel server in the Identity Manager Data Collection Services page for auditing events. For more information, see About the Data Sync Policies tab in the Administrator Guide to NetIQ Identity Reporting.

If you perform a new installation of SLM for IGA, install the components in the following order:

  1. Identity Vault (eDirectory)

  2. iManager

  3. Identity Manager Engine

  4. Designer

  5. Remote Loader

  6. Tomcat

  7. OSP

  8. SSPR

  9. Identity Applications (not required for Standard Edition)

  10. Identity Reporting

  11. (Optional) Analyzer

  12. SLM for IGA (can be installed only on a Linux system)

1.2.2 Considerations for Installing in a Distributed Setup

In a typical production environment, you might install Identity Manager on seven or more servers, as well as on client workstations. For example:

Computer setup

Component setup

All in One (Only recommended for demo /POC setup)

Install and configure all components on one computer (Identity Manager Engine, Identity Applications, Identity Reporting, OSP, SSPR, Identity Applications Database, and Reporting Database) and Sentinel Log Management for IGA on a separate computer.

Distributed setup

Server 1

  • Identity Vault

  • Identity Manager Engine

Server 2

Identity Applications and OSP (can be clustered)

Server 3

Identity Reporting (OSP)

Server 4

SSPR

Servers 5 and 6

Identity Manager databases for:

  • Identity applications

  • Identity Reporting

Server 7

Sentinel Log Management for IGA