8.3 Creating the Silent Properties File

Most of the Identity Manager containers offer an interactive mode of installation. However, NetIQ recommends the use of a silent properties file for the deployment of different containers.

NOTE:When the silent.properties file is generated, it will be available in the /data of the Docker host.

  1. From the location where you have extracted the Identity_Manager_4.8_Containers.tar.gz file, navigate to the Identity_Manager_4.8_Containers directory.

  2. Run the following command to load the image:

    docker load --input IDM_48_idm_conf_generator.tar.gz

  3. Deploy the container using the following sample command:

    NOTE:Ensure that you specify the machine FQDN as a value for the hostname.

    docker run -it --name=idm_conf_generator --hostname=identitymanager.example.com -v /data:/config idm_conf_generator:idm-4.8.0

  4. Navigate to the idm directory.

  5. Run the create_silent_props.sh file:

    ./create_silent_props.sh

  6. Enter y to proceed with the installation and configuration of the components.

  7. To install JRE, enter y.

  8. Specify the path for the properties file.

    NOTE:Ensure that you create the silent.properties file in the shared volume location, for example, /config.

  9. Specify the following settings to create the silent properties file:

    Parameter

    Description

    Silent Property file name with absolute path

    Specify the path for the silent properties file.

    Configure the Silent properties for Docker Containers

    Specifies whether you want to configure the properties file for Docker containers.

    Generate inputs for Kubernetes Orchestration

    Applies only if you have selected y in the Configure the Silent properties for Docker Containers option.

    Specifies whether you want to generate the YAML file for Kubernetes.

    Directory name with absolute path for creating kube yaml file

    Applies only if you have selected y in the Generate inputs for Kubernetes Orchestration option.

    Specifies the path for creating the YAML file for Kubernetes.

    NOTE:It is recommended that you provide different paths for the Identity Applications and Identity Reporting YAML files.

    Kubernetes volume mount path

    Applies only if you have selected y in the Generate inputs for Kubernetes Orchestration option.

    Specifies the path for the Kubernetes volume.

    Identity Manager Engine hostname for Kubernetes deployment

    Applies only if you have selected y in the Generate inputs for Kubernetes Orchestration option.

    Specifies the hostname of the Identity Manager Engine.

  10. Decide the Identity Manager server edition you want to install. Enter y for Advanced Edition and n for Standard Edition.

  11. Decide if you want to configure the components in a typical or custom mode.

  12. From the list of components available for installation, select the required components:

    • To install Engine, select Identity Manager Engine.

    • To install Identity Reporting, select Identity Reporting.

    • To install Identity Applications, select Identity Applications.

    For information about the configuration parameters, see Understanding the Configuration Parameters.

    NOTE:

    • You must generate the silent.properties file for all components at once.

    • Use FQDN for all IP related configuration prompts.

    • The SSO_SERVER_SSL_PORT, TOMCAT_HTTPS_PORT, UA_SERVER_SSL_PORT, and RPT_TOMCAT_HTTPS_PORT must be unique ports. For example, modify the SSO_SERVER_SSL_PORT to 8543, TOMCAT_HTTPS_PORT and UA_SERVER_SSL_PORT to 18543, and RPT_TOMCAT_HTTPS_PORT to 28543 respectively.

    • (Conditional) If you are deploying containers on a single server using the host network mode, you must specify the tomcat.ks path as /opt/netiq/idm/apps/tomcat/conf/tomcat.ks for the certificate-related prompts specific to OSP, Identity Applications, and Identity Reporting.

  13. (Conditional) If you are deploying containers on a single server using the host network mode, you must perform the following steps after the silent properties file is generated:

    • Ensure that the value for the CUSTOM_OSP_CERTIFICATE is set to n.

    • Add the following entries at the end of the silent.propertes file:

      SKIP_PORT_CHECK=1

      CUSTOM_UA_CERTIFICATE="n"

      TOMCAT_SSL_KEYSTORE_PASS="<password>"

      CUSTOM_RPT_CERTIFICATE="n"