When you perform a standalone installation, you should install the components in a specific order and on specific servers. The order depends on the type of event auditing service that you want to use and whether you want to include Identity Reporting. The installation programs for some components require information about previously installed components. For example, Identity Reporting needs access to the event auditing service and the identity applications.
This section helps you determine installation order and server types, according to specific scenarios for auditing and reporting.
Section 5.3.1, Send Events to an External Auditing Service without Reporting in Identity Manager
Section 5.3.2, Send Events to Identity Manager and Generate Reports
Section 5.3.3, Send Events to an External Service Before Pushing Events to Identity Manager
Section 5.3.5, Selecting an Operating System Platform for Identity Manager
In this scenario, you plan to use a service such as NetIQ Sentinel to audit events that occur in Identity Manager. You have no plans for generating reports in Identity Manager. Install the components in the following order:
External auditing service, such as Sentinel
Identity Vault
Identity Manager engine, drivers, and iManager plug-ins
(Optional) iManager
Designer
Tomcat and PostgreSQL
OSP and SSPR
Identity Applications
(Optional) Analyzer
In this scenario, you plan to use the NetIQ Event Auditing Service that ships with Identity Manager to audit Identity Manager. You might also generate reports for those events. Install the components in the following order:
Identity Vault
Identity Manager engine, drivers, and iManager plug-ins
(Optional) iManager
Designer
Event Auditing Service
Tomcat and PostgreSQL
OSP and SSPR
Identity Applications
Identity Reporting
(Optional) Analyzer
In this scenario, you plan to use a service such as Sentinel to audit Identity Manager. However, you might also push some events to the Event Auditing Service in Identity Manager for reporting. Install the components in the following order:
External auditing service, such as Sentinel
Identity Vault
Identity Manager engine, drivers, and iManager plug-ins
(Optional) iManager
Designer
Tomcat and PostgreSQL
OSP and SSPR
Identity Applications
NetIQ Event Auditing Service
Identity Reporting
(Optional) Analyzer
In a typical production environment, you might install Identity Manager on seven or more servers, as well as on client workstations. For example:
Computer setup |
Component setup |
---|---|
Servers 1 and 2 (two-server directory replica) |
|
Servers 3 and 4 (two-server cluster) |
|
Server 5 (or a cluster of servers) |
Identity Manager databases:
|
Server 6 (not in a cluster) |
Identity Reporting |
Server 7 |
an event auditing service |
Client workstations (1+) |
|
You can install the Identity Manager components on a variety of operating system platforms. The following table helps you determine which servers you might want to use for your identity management solution.
Platform |
Component |
---|---|
Open Enterprise Server (OES) |
Event Auditing Service Identity applications Identity Manager engine Identity Reporting Identity Vault iManager (server) One SSO Provider PostgreSQL Remote Loader Self Service Password Reset Tomcat |
openSUSE |
Analyzer Designer iManager Workstation (client) |
Red Hat Linux Server (RHEL) |
Event Auditing Service Identity applications Identity Manager engine Identity Reporting Identity Vault iManager (server) One SSO Provider PostgreSQL Remote Loader Self Service Password Reset Tomcat |
SUSE Linux Enterprise Server (SLES) |
Analyzer Event Auditing Service Designer Identity applications Identity Manager engine Identity Reporting Identity Vault iManager (server) One SSO Provider Remote Loader Self Service Password Reset PostgreSQL Tomcat |
Windows desktop |
Analyzer Designer iManager Workstation (client) Browser access to the identity applications and Identity Reporting |
Windows Server |
Analyzer Designer Identity applications Identity Manager engine Identity Reporting Identity Vault iManager (server) One SSO Provider PostgreSQL Remote Loader Self Service Password Reset Tomcat |
For more information about system requirements and prerequisites, see the following sections: