2.1 About the Identity Reporting Installation Process

The process of installing the Identity Reporting Module requires that you run two separate install programs:

You need to run the EAS install program before running the Identity Reporting Module.

NOTE:You must have the Roles Based Provisioning Module (RBPM) installed before beginning the installation of the reporting module. The reason for this is that the RBPM and the reporting module need to be installed on the same application server so that they can share a secure SSL connection.

The remaining topics in this section provide instructions for running the stand-alone versions of each of these install programs. You can also use the Integrated Installer for Identity Manager, which runs these install programs for you. For more information, see the Identity Manager 4.0.1 Integrated Installation Guide

The Identity Reporting Module relies on the following drivers:

These drivers are installed automatically by the Integrated Installer for Identity Manager, so the steps provided in this section are only necessary if you are running the stand-alone versions of the install programs.

2.1.1 System Requirements

The Event Auditing Service (EAS) runs on SUSE Linux Enterprise Server 11 (32-bit and 64-bit). You need to launch the installer for EAS on a SUSE Linux Enterprise Server machine.

NOTE:EAS requires that ksh be installed on the SLES machine. A standard installation of SLES includes ksh. If you remove it, the init.d script will not execute properly.

The reporting module can be installed and run in a variety of environments.

IMPORTANT:The reporting module must have an exclusive EAS running on a separate Linux machine. You cannot have multiple reporting instances communicating with a single EAS environment.

To use the reporting module, you must meet the following system requirements:

Table 2-1 System Requirements for the Identity Reporting Module

Required System Component

System Requirements

Application Server

The reporting module runs on JBoss, WebSphere, and WebLogic as described below.

The reporting module with JBoss 5.1.0 requires JRE 1.6.0-20 from Sun and is supported on:

  • Windows Server 2003 SP2 (32-bit)

  • Windows Server 2008 R2 (64-bit)

  • Windows Server 2008 SP1 (32-bit and 64-bit)

  • Open Enterprise Server 2 SP3 (32-bit and 64-bit)

  • SUSE Linux Enterprise Server 10 SP3 (32-bit and 64-bit)

  • SUSE Linux Enterprise Server 11 SP1 (32-bit and 64-bit)

  • Red Hat Linux 5.4 (32-bit and 64-bit) and 6.0 (32-bit and 64-bit)

The reporting module on WebSphere 7.0 requires the IBM J9 VM (build 2.4, J2RE 1.6.0). It is supported on these platforms:

  • Windows Server 2003 SP2 (32-bit)

  • Windows Server 2008 R2 (64-bit)

  • Windows Server 2008 SP1 (32-bit and 64-bit)

  • Open Enterprise Server 2 SP3 (32-bit and 64-bit)

  • SUSE Linux Enterprise Server 10 SP3 (32-bit and 64-bit)

  • SUSE Linux Enterprise Server 11 SP1 (32-bit and 64-bit)

  • Red Hat Linux 5.4 (32-bit and 64-bit) and 6.0 (32-bit and 64-bit)

The reporting module on WebLogic 10.3 requires JRockit JVM 1.6.0_05 and is supported on these platforms.

  • Windows Server 2003 SP2 (32-bit)

  • Windows Server 2008 R2 (64-bit)

  • Windows Server 2008 SP1 (32-bit and 64-bit)

  • Open Enterprise Server 2 SP3 (32-bit and 64-bit)

  • SUSE Linux Enterprise Server 10 SP3 (32-bit and 64-bit)

  • SUSE Linux Enterprise Server 11 SP1 (32-bit and 64-bit)

  • Red Hat Linux 5.4 (32-bit and 64-bit) and 6.0 (32-bit and 64-bit)

NOTE:The reporting module supports Xen and VMWare virtualization as long as the guest operating system is one that is supported by the reporting module.

Database Server

PostgreSQL 8.4.3. (This is the only database supported with the reporting module.)

Metadirectory

eDirectory 8.8 SP6 with Identity Manager 4.0.1

For the list of supported operating systems, see the Identity Manager and eDirectory documentation.

Browser

The User Application supports both Firefox and Internet Explorer, as described below.

FireFox 3.6 and 4.0 are supported on:

  • Windows XP with SP3

  • Windows Vista

  • Windows 7

  • SUSE Linux Enterprise Desktop 11

  • SUSE Linux Enterprise Server 11

  • Novell OpenSuSE 11 SP2

  • Apple Mac

Internet Explorer 8 and 9 are supported on:

  • Windows XP with SP3

  • Windows Vista

  • Windows 7

Internet Explorer 7 is supported on:

  • Windows XP with SP3

Uninstalling EAS or the Identity Reporting Module In order to conserve disk space, the installation programs for EAS and the Identity Reporting Module do not install a Java virtual machine (JVM). Therefore, if you need to uninstall one or more components, you need to be sure you have a JVM available and also make sure that the JVM is in the PATH. If you encounter an error during an uninstall, add the location of a JVM to the local PATH environment variable and run the uninstall program again.

2.1.2 About the EAS Installer

The installer for the Event Auditing Service (EAS) performs these functions:

  • Installs and optionally configures the service

  • Configures the user who is able to perform administration tasks for the service

  • Configures the DBA used by the service to interact with the database

  • Allows you to define the port on which the PostgreSQL database runs

EAS runs on SUSE Linux Enterprise Server 11. You need to launch the installer for EAS on a SUSE Linux Enterprise Server machine.

2.1.3 About the Identity Reporting Installer

The installer for the reporting module performs these functions:

  • Allows you to choose an application server platform

  • Deploys the client WAR file to the application server

    This WAR file contains the user interface components for reporting.

  • Deploys the core WAR file

    This WAR file contains the core REST services needed for reporting.

  • Deploys the authentication services WAR file

    This WAR file contains the authentication services, which control authentication to the reporting module.

  • Defines the location of the server for the Event Auditing Service (installed separately)

  • Creates the reporting schema in the Security Information and Event Management (SIEM) database

  • Configures the PostgreSQL JDBC driver that connects to the SIEM database

  • Configures the authentication services for the reporting module

  • Configures the e-mail delivery system for the reporting module

  • Configures the core reporting services for the reporting module

2.1.4 Users Created During the Installation Process

The EAS installation process creates a novell group and novell user. The novell user is created without a password. If you want to log in as the novell user later (for example, to install patches), create a password for this user after the installation is completed.

In addition, when you install EAS and the Identity Reporting Module, the following database users are created automatically:

Table 2-2 Database Users Created By the Install Process

User name

Description

dbauser

Administrator of the PostgreSQL server and owner of the EAS schema and views.

admin

User identity for use with EAS administrative utilities.

idmrptsrv and idmrptuser

Owner of the Identity Reporting schema and views, as well as credentials used for Identity Reporting database connectivity.

rptuser and appuser

Reserved for compatibility with Sentinel.