You must install the NetIQ Modular Authentication Service (NMAS) client software on each client workstation where you want to use the NMAS login methods. You specify the login methods when installing the Identity Vault.
The Identity Vault installation utility (nds-install) includes NMAS as a component of the installation process. NetIQ provides two utilities that you can use to configure NMAS:
Use this utility to configure both the Identity Vault and NMAS after you install Identity Vault. This utility does not install the NMAS login methods.
Use this utility if you have already configured Identity Vault and want to configure NMAS only. This utility installs the NMAS login methods.
NOTE:Before installing the NMAS login methods, you must configure the Identity Vault using the ndsconfig utility. Also, you must have administrative rights to the tree.
This process creates objects in the Security container that NMAS needs, and installs the LDAP extensions for NMAS on the LDAP Server object in eDirectory.
The first time that you install NMAS in a tree, you must be logged in with enough rights to create objects in the Security container. However, subsequent installations can be done by container administrators with read-only rights to the Security container. nmasinst will verify that the NMAS objects exist in the Security container before it tries to create them.
The nmasinst utility does not extend the schema. Instead, the Identity Vault installation includes the NMAS schema as part of the base eDirectory schema.
To configure NMAS and create NMAS objects in eDirectory:
Enter the following at the server console command line:
nmasinst -i admin.context tree_name
Enter the password.
You can use the nmasinst utility to install NMAS login methods. You must specify config.txt file for the login method that you want to install. Each login method has a config.txt file.
At the server console command line, enter the following command:
nmasinst -addmethod admin.context tree_name config.txt_path
For example, to use the -addmethod command, enter:
nmasinst -addmethod admin.netiq MY_TREE ./nmas-methods/novell/Simple Password/ config.txt
If the login method already exists, the nmasinst utility will update it.
For more information, see “Managing Login and Post-Login Methods and Sequences” in the NetIQ Modular Authentication Services Administration Guide.
Log in to the Windows client workstation with an administrator account.
Run the nmasinstall.exe program from the installation directory, by default IDM4.5_Win:\products\eDirectory\processor_type\nmas\.
Click NMAS Client Components.
(Optional) Select the NICI option to install the NICI component.
Click OK.
After the installation process completes, restart the client workstation.