7.5 Installing the Metadirectory Server

On Linux/UNIX platforms, you can install the Metadirectory server as root or as a non-root user. The installation procedure is different for a non-root installation. See Section 7.5.1, Non-root Installation of the Metadirectory Server for the installation instructions.

This procedure covers the GUI installation of the Metadirectory server, Web components, and utilities for the different platforms that Identity Manager supports. If you want to do a silent installation of these components, see Section 7.5.2, Silent Installation of the Metadirectory Server.

  1. Verify that you have met the system requirements listed in Section 6.0, System Requirements.

  2. Ensure that you have downloaded the necessary Identity Manager files from the Novell Downloads Web site. For more information, see Section 5.0, Where to Get Identity Manager.

  3. (Linux/UNIX only) To verify that the environment variables for eDirectory are exported before starting the installation, go to a command prompt and enter:

    set | grep PATH

    The environment variables set the path for the eDirectory installation. The eDirectory installation path is listed if the environment variables are set. If the environment variables are not set, the installation of Identity Manager fails.

    To set the environment variables for your current shell:

    . /opt/novell/eDirectory/bin/ndspath

    You must have the space between the . and the / for the command to work. For more information, see “Using the nds-install Utility to Install eDirectory Components”.

  4. Start the installation by using the correct program for your platform.

    Linux - GUI Install: IDM4.0.1_Lin/products/IDM/install.bin

    On UNIX platforms, the installer is invoked in the GUI mode by default. To invoke idm_linux.bin in the GUI mode, you must specify the [-i gui] option.

    Linux - Command Line Install: IDM4.0.1.1_Lin/products/IDM/install.bin -i console

    Solaris - GUI Install: IDM4.0.1_Solaris/products/IDM/install.bin

    Solaris - Command Line Install: IDM4.0.1_Solaris/products/IDM/install.bin -i console

    To execute the binary files on Linux or Solaris, enter ./install.bin [-i {gui | console}].

    Windows: IDM4.0.1_Win:\products\IDM\windows\setup\idm_install.exe

  5. Use the following information to complete the installation:

    Select Components: Select the Metadirectory server. You can also select Connected Systems, iManager plug-ins, and utilities from the same installation page.

    • Novell Identity Manager Metadirectory Server: This option requires the Identity Vault to be installed on this server and installs a 32-bit or a 64-bit Identity Manager based on the version of eDirectory that is already installed. It extends the schema for Identity Manager and installs the Metadirectory server and the Identity Manager drivers.

    • Novell Identity Manager Connected System Server (32-bit): This option does not require the Identity Vault to be installed on this server. Select this option only if you are installing the 32-bit Remote Loader. For more information, see Section 7.6, Installing the Remote Loader.

    • Novell Identity Manager Connected System Server (64-bit): This option does not require the Identity Vault to be installed on this server. Select this option only if you are installing the 64-bit Remote Loader. For more information, see Section 7.6, Installing the Remote Loader.

    • Novell Identity Manager Connected System Server (.NET): This option (Windows only) installs the .NET Remote Loader service and the SharePoint driver on this server.

    • Novell Identity Manager Plug-ins for Identity Manager: Select this option if you have iManager installed on this server. It installs the iManager plug-ins for Identity Manager.

    • Utilities: Utilities help you configure the drivers for the connected systems. Not all drivers have utilities. If you are sure you need this, select it. It does not use much disk space.

    • Customize the selected components: This option enables you to customize the components that you have selected to install. Before selecting this option, you should select the relevant components to install.

  6. Activate Identity Manager. For more information, see Section 8.0, Activating Novell Identity Manager Products.

  7. Specify the username and password of a user that has sufficient rights in eDirectory to extend the schema. Specify the username in the LDAP format. For example, cn=idmadmin,o=company.

  8. Create and configure your driver objects. This information is contained in each driver guide. For more information, see Identity Manager Drivers documentation.

  9. (Optional) For default installed locations, see /tmp/idmInstall.log.

7.5.1 Non-root Installation of the Metadirectory Server

You can install Identity Manager as a non-root user to enhance the security of your UNIX/Linux server. You cannot install Identity Manager as a non-root user if eDirectory is installed by root.

The non-root installation does not install the following items:

  • Remote Loader: Use the Java Remote Loader if you need to install the Remote Loader as a non-root user. For more information, see Section 7.6.5, Installing the Java Remote Loader on UNIX or Linux.

  • UNIX/Linux Account Driver: Requires root privileges to function.

  • Novell Sentinel Platform Agent: Install the Novell Sentinel Platform Agent as root. Create Dirxml.properties in the /etc/opt/novell/sentinelpa/conf directory. The location where the event log file is generated (by default, /var/opt/novell/sentinelpa/data/AuditEvents.log) should be writable by the non-root user.

Use the following procedure to run the non-root installation of the Metadirectory server:

  1. Ensure that you have downloaded the necessary Identity Manager files from the Novell Downloads Web site. For more information, see Section 5.0, Where to Get Identity Manager.

  2. Install eDirectory 8.8.6 or later as a non-root user. For more information, see Non-root User Installing eDirectory 8.8.6.

  3. Log in as the non-root user used to install eDirectory.

    You should install Identity Manager as the same user you used to install the non-root version of eDirectory. The user who installs Identity Manager must have write access to the directories and files of the non-root eDirectory installation.

  4. Execute the installation program for your platform.

    Linux: IDM4.0.1_Lin/products/IDM/linux/setup/idm-nonroot-install

    Solaris: IDM4.0.1_Solaris/products/IDM/solaris/setup/idm-nonroot-install

  5. Use the following information to complete the installation:

    Base Directory for the non-root eDirectory Installation: Specify the directory where the non-root eDirectory installation is. For example, /home/user/install/eDirectory.

    Extend eDirectory Schema: If this is the first Identity Manager server installed into this instance of eDirectory, enter Y to extend the schema. If the schema is not extended, Identity Manager cannot function.

    You are prompted to extend the schema for each instance of eDirectory owned by the non-root user that is hosted by the non-root eDirectory installation.

    If you choose to extend the schema, specify the full distinguished name (DN) of the eDirectory user who has rights to extend the schema. The user must have the Supervisor right to the entire tree to extend the schema. For more information about extending the schema as a non-root user, see the schema.log file that is placed in the data directory for each instance of eDirectory.

    Run the /opt/novell/eDirectory/bin/idm-install-schema program to extend the schema on additional eDirectory instances after the installation is complete.

    Utilities: (Optional) If you need an Identity Manager driver utility, you must copy the utilities from the Identity Manager installation media to the Identity Manager server. All utilities are found in the IDM4.0.1_platform/product/IDM/platform/setup/utilities directory.

  6. Activate Identity Manager. For more information, see Section 8.0, Activating Novell Identity Manager Products.

  7. Create and configure the driver objects. This information is contained in each driver guide. For more information, see the Identity Manager Drivers documentation.

7.5.2 Silent Installation of the Metadirectory Server

To run a silent installation of Identity Manager, you must create a properties file with the parameters required to complete the installation. A sample file is included on the Identity Manager media:

  • Linux: IDM4.0.1_Lin/products/IDM/linux/setup/silent.properties

  • Solaris: IDM4.0.1_Solaris/products/IDM/solaris/setup/silent.properties

  • Windows: IDM4.0.1_Win:\products\IDM\windows\setup\silent.properties

Start the silent installation by using the correct program for your platform:

  • Linux: IDM4.0.1_Lin/products/IDM/install.bin -i silent -f <filename>.properties

  • Solaris: IDM4.0.1_Solaris/products/IDM/install.bin -i silent -f <filename>.properties

  • Windows: IDM4.0.1_Win:\products\IDM\windows\setup\idm_install.exe -i silent -f <filename>.properties

Create a property file <filename>.properties with the following attributes, in the location from where you run the Identity Manager installer:

For default installed locations, see /tmp/idmInstall.log.

If you have installed iManager, and you later want to install iManager plug-ins, you must set the WEB_ADMIN_SELECTED value to true.

If you want to do a silent installation of Identity Manager on multiple instances, you must make sure that the <filename>.properties file has the following lines:

The password is stored in a file for the silent installation of Metadirectory. You can also use the EDIR_USER_PASSWORD environment variable to supply the password instead of writing it in a file. If the EDIR_USER_PASSWORD variable is not set in the properties file, the installer reads the value from the EDIR_USER_PASSWORD environment variable.
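
The following wrapper is an added example, not part of the product media or the original guide. It supplies the password through the EDIR_USER_PASSWORD environment variable as described above and refuses to run if the properties file still carries a password value. It assumes the properties file is plain KEY=value text with # comments; the function names check_silent_props and run_silent_install are hypothetical.

```shell
#!/bin/sh
# Added example, not from the product media.
# Assumption: the properties file is plain KEY=value text with '#' comments.
# Usage: run_silent_install IDM4.0.1_Lin/products/IDM/install.bin <filename>.properties

# check_silent_props FILE
#   0 = no password value in FILE and EDIR_USER_PASSWORD is set in the environment
#   1 = FILE carries a non-empty EDIR_USER_PASSWORD value (password on disk)
#   2 = FILE is missing
#   3 = EDIR_USER_PASSWORD is not set in the environment
check_silent_props() {
    props=$1
    [ -f "$props" ] || { echo "no such file: $props" >&2; return 2; }
    # Commented-out lines do not match because '#' precedes the key.
    if grep -Eq '^[[:space:]]*EDIR_USER_PASSWORD[[:space:]]*=[[:space:]]*[^[:space:]]' "$props"; then
        echo "EDIR_USER_PASSWORD has a value in $props; remove it" >&2
        return 1
    fi
    if [ -z "${EDIR_USER_PASSWORD:-}" ]; then
        echo "EDIR_USER_PASSWORD is not set in the environment" >&2
        return 3
    fi
    return 0
}

# run_silent_install INSTALLER FILE
#   Prompts for the password without echo, exports it only for the
#   installer run, and removes it from the shell afterwards.
run_silent_install() {
    installer=$1
    props=$2
    printf 'eDirectory password: ' >&2
    stty -echo
    IFS= read -r EDIR_USER_PASSWORD
    stty echo
    printf '\n' >&2
    export EDIR_USER_PASSWORD
    # The installer starts only when the preflight check passes.
    check_silent_props "$props" && "$installer" -i silent -f "$props"
    rc=$?
    unset EDIR_USER_PASSWORD
    return "$rc"
}
```

While the installer runs, the exported variable is readable by other processes of the same user and by root, so the wrapper unsets it as soon as the installer exits.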