Use the information in this topic to understand the details of a new implementation of Identity Manager.
Table 2-1 Planning Worksheet
|
Planning Activity |
Worksheet |
|---|---|
|
Decide on your implementation type based on use cases and size the deployment |
|
|
Design your deployment architecture. List down the number of physical computers/servers and other systems needed to support your environment |
|
|
Ensure that your system meets the system requirements |
|
|
Review the network ports to determine whether the default ports will conflict with the ports in use |
It is important to estimate the size of your deployment correctly because the steps to follow and the design elements vary depending on the size of the deployment. Review sizing and scalability considerations for each component to understand the capacity requirements.
Table 2-2 Sizing Worksheet
|
Characteristic |
Value |
|---|---|
|
Number of Physical Computers/Servers |
|
|
Number of Drivers Running on the primary Identity Manager Server |
|
|
Number of Drivers Running on the secondary Identity Manager Server |
|
|
Number of Identity Applications Nodes in the cluster |
|
|
Number of Identity Applications Databases |
|
|
Number of Self-Service Password Reset Instances inside the firewall |
|
|
More to follow... |
|
After sizing the deployment, select the appropriate deployment and record the number of physical computers/servers required to support the deployment.
Table 2-3 Architecture Worksheet
|
Deployment use case |
|
|
|
|
|
|---|---|---|---|---|---|
|
Identity Manager Server failover deployment with all drivers |
|
|
|
|
|
|
Number of Drivers Running |
|
|
|
|
|
|
Identity Applications high availability deployment |
|
|
|
|
|
For information about the recommended hardware, supported operating systems, and supported virtual environments, see the System Requirements for Identity Manager 4.8.
For information about system requirements for a specific release, see the Release Notes accompanying the release at the Identity Manager documentation website.An Identity Manager implementation can vary based on the needs of your IT environment, so you should contact NetIQ Consulting Services or any of the NetIQ Identity Manager partners prior to finalizing the Identity Manager architecture for your environment.
Identity Manager components use different ports for proper communication among the Identity Manager components.
NOTE:If a default port is already in use, ensure that you specify a different port for the Identity Manager component.
|
Port Number |
Component |
Port Use |
|---|---|---|
|
389 |
Identity Vault |
Used for LDAP communication in clear text with Identity Manager components |
|
465 |
Identity Reporting |
Used for communication with the SMTP mail server |
|
524 |
Identity Vault |
Used for NetWare Core Protocol (NCP) communication |
|
636 |
Identity Vault |
Used for LDAP with TLS/SSL communication with Identity Manager components |
|
5432 |
Identity Applications |
Used for communication with the identity applications database |
|
7707 |
Identity Reporting |
Used by the Managed System Gateway driver to communicate with the Identity Vault |
|
8000 |
Remote Loader |
Used by the driver instance for TCP/IP communication NOTE:Each instance of the Remote Loader should be assigned a unique port. |
|
8005 |
Identity Applications |
Used by Tomcat to listen for shutdown commands |
|
8009 |
Identity Applications |
Used by Tomcat for communication with a web connector using the AJP protocol instead of HTTP |
|
8028 |
Identity Vault |
Used for HTTP clear text communication with NCP communication |
|
8030 |
Identity Vault |
Used for HTTPS communication with NCP communication |
|
8080 |
Identity Applications iManager |
Used by Tomcat for HTTP clear text communication |
|
8090 |
Remote Loader |
Used by the Remote Loader to listen for TCP/IP connections from the remote interface shim NOTE:Each instance of the Remote Loader should be assigned a unique port. |
|
8109 |
Identity Applications |
Applies only when using the integrated installation process Used by Tomcat for communication with a web connector using the AJP protocol instead of HTTP |
|
8180 |
Identity Applications |
Used for HTTP communications by the Tomcat application server on which the identity applications run |
|
8443 |
Identity Applications iManager |
Used by Tomcat for HTTPS (SSL) communication or redirecting requests for SSL communication |
|
8543 |
Identity Applications |
Not listening, by default Used by Tomcat to redirect requests that require SSL transport when you do not use TLS/SSL protocol |
|
9009 |
iManager |
Used by Tomcat for MOD_JK |
|
5432 |
Identity Reporting |
Used for the PostgreSQL database Sentinel |
|
45654 |
User Application |
Used by the server on which the database for the identity applications are installed to listen for communications, when running Tomcat with a cluster group |