Before you install Self Service Password Reset, you must decide where you want to install it. You must select a platform specific installer to install the product. Use the following information to install the platform specific version that is appropriate for your environment.
You can deploy a virtual appliance that contains Self Service Password Reset as one of the installation options. The currently supported platforms for the appliance are VMware and Hyper-V. We recommend that you have a good understanding of the virtual platform before deploying the appliance.
The following is the minimum requirements required to deploy the Self Service Password Reset appliance. Ensure that you meet these minimum requirements before deploying the appliance.
Table 3-2 Self Service Password Reset Appliance Requirements
|
Component |
Requirements |
|---|---|
|
Virtual Systems |
|
|
Memory |
2 GB of RAM |
|
Hard disk space |
40 GB |
|
Browsers |
|
|
IP Ports |
Ensure that the default ports for the Self Service Password Reset appliance are open in your firewall. For more information, see Default Ports for Self Service Password Reset. |
|
LDAP Directories |
|
|
Remote Databases |
|
Before you deploy the appliance, ensure that you meet all of the appliance requirements and that you have downloaded and extracted the appropriate version of the appliance.
To deploy the Self Service Password Reset appliance:
Deploy the appliance to your virtual environment. For more information, see:
Hyper-V: Importing a Virtual Machine.
VMware: Deploy an OVF Template.
Power on the appliance.
Select the appropriate language, then read the license and click Accept.
Use the following information to configure the appliance:
Specify a password for the root user on the appliance.
Specify a primary and secondary NTP server used to keep time on the appliance.
Select your region and time zone.
Specify a hostname for the appliance, then select whether to use a static IP address or DHCP. If you use a static IP address, you must specify the IP address, subnet mask, the gateway, and the DNS servers.
Click Finish and wait for the appliance initialization to complete.
After you complete the deployment of the appliance, you must configure your environment to work with Self Service Password Reset. For more information, see Section 4.0, Configuring Your Environment for Self Service Password Reset.
Installing Self Service Password Reset on Windows server is another configuration option. There is a .msi executable file that installs Self Service Password Reset on a Windows server. Use the following information to install Self Service Password Reset on Windows.
The following is the minimum requirements required to deploy the Self Service Password Reset on a Windows server. Ensure that you meet these minimum requirements before starting the installation.
Table 3-3 Self Service Password Reset on Windows Requirements
|
Component |
Requirements |
|---|---|
|
Windows Platforms |
Microsoft Windows Server 2012 R2 (64-bit) |
|
Memory |
1 GB of RAM |
|
Hard disk space |
5 GB |
|
Browsers |
|
|
IP Ports |
Ensure that the default ports for the Self Service Password Reset appliance are open in your firewall. For more information, see Default Ports for Self Service Password Reset. |
|
LDAP Directories |
|
|
Remote Databases |
|
|
Java |
NOTE:The .msi file supplies Java and installs it for you. Any other version of Java is not supported. The patches contain updates for Java. It is important to install patches to have the latest security updates. |
|
Apache Tomcat |
NOTE:The .msi file supplies Apache Tomcat and installs it for you. Any other version of Apache Tomcat is not supported. The patches contain updates for Apache Tomcat. It is important to install patches to have the latest security updates. |
Ensure that you have met all of the installation requirements for installing Self Service Password Reset on Windows and that you have downloaded an extracted the .msi file before beginning the installation.
To install Self Service Password Reset on Windows:
Launch the sspr.x.x.msi file.
Read the notice for Self Service Password Reset, then click Next.
Read and accept the end user license, then click Next.
Specify the path for the installation of Self Service Password Reset, then click Next.
In Configure SSPR-Service URLs, specify the following:
Specify the port number for Apache Tomcat shutdown port.
Specify the secure port for Self Service Password Reset service.
Select the firewall setting for Self Service Password to use on the Windows server. The installer selects the open HTTPS Windows firewall port by default. The options for the firewall are:
This enables users to use Self Service Password Reset on a domain, private or public networks.
This enables users to use Self Service Password Reset on a domain network only.
This enables users to use Self Service Password Reset on a private network.
This enables users to use Self Service Password Reset on a public network.
Click Next, then click Install.
Click Install.
Record the HTTPS Secure URL, then click Finish.
After completing the installation, you must configure your environment to work with Self Service Password Reset. For more information, see Section 4.0, Configuring Your Environment for Self Service Password Reset.
Self Service Password Reset is a web application. When you install Self Service Password Reset, you are deploying a WAR (Web application ARchive) file as Java servlet application running on the Apache Tomcat web server. The WAR file contains an Apache Tomcat implementation of the Self Service Password Reset application. The following procedures work for the supported distributions of Linux.
The following is the minimum requirements required to deploy the Self Service Password Reset on a Linux server. Ensure that you meet these minimum requirements before starting the installation.
Table 3-4 Self Service Password Reset WAR File Requirements on Linux
|
Component |
Requirements |
|---|---|
|
Linux Platforms |
|
|
Memory |
1 GB of RAM |
|
Hard disk space |
5 GB |
|
Browsers |
|
|
IP Ports |
Ensure that the default ports for the Self Service Password Reset appliance are open in your firewall. For more information, see Default Ports for Self Service Password Reset. |
|
LDAP Directories |
|
|
Remote Databases |
|
|
Java |
Java JDK 1.8.0_112 (Java 8u112) or later of the 1.8.0_xxx branch IMPORTANT:You must install this version of Java on the Linux server prior to deploying the WAR file. You must be familiar with the installation, configuration, and maintenance of this component. |
|
Apache Tomcat |
IMPORTANT:You must install this version of Apache Tomcat on the Linux server prior to deploying the WAR file. You must be familiar with the installation, configuration, and maintenance of this component. |
You must have Java and Apache Tomcat installed and running on Linux before you deploy the WAR file. If you already have Java and Tomcat installed, proceed to Setting Operating System Environment Variables. Follow these steps to install and validate the installation of Java and Tomcat.
To install Java and Tomcat:
Install Java 8. For more information, see JDK 8 and JRE 8 Installation
.
Verify JAVA_HOME (or JRE_HOME) path is set appropriately by entering:
echo $JAVA_HOME
or
echo $JRE_HOME
Install Tomcat 8. For more information, see Tomcat Setup
.
Start Tomcat by executing the catalina.sh script in the Tomcat_Home/bin directory.
./catalina.sh start
Validate you can access http://localhost:port. The default port is 8080.
Check the Tomcat_Home/logs/catalina.out file for any errors if you are unable to access the default Tomcat page.
Self Service Password Reset, as a Java servlet application running on Apache Tomcat, requires several operating system environmental variables to be set. There are various methods for setting environmental variables depending on the operating system. The recommended place to specify these variables is a setenv script. For more information, see Section 3.4 in the Apache Tomcat documentation.
The following are the Self Service Password Reset specific environment variables:
SSPR_APPLICATIONPATH (Required): Specifies where Self Service Password Reset stores its configuration data file (SSPRConfiguration.xml). This file contains all of the Self Service Password Reset configuration data. The specified path must exist prior to starting Self Services Password Reset.
For example: export SSPR_APPLICATIONPATH="/etc/opt/microfocus/sspr"
CATALINA_OPTS: Allows specification of additional options for the Java command that starts Apache Tomcat. The recommended Java options for the Self Service Password Reset Java servlet application running on Apache Tomcat include:
-Xms
Specifies the initial heap memory allocation pool.
-Xmx
Specifies the maximum heap memory allocation pool for a Java Virtual Machine (JVM).
Setting the initial and maximum heap memory size to the same size is a best practice because the JVM does not increase heap memory size at runtime. The recommended SSPR heap memory size is 1 GB (1024 MB). For more information about how to set Java heap size, see the Apache Tomcat documentation.
For example: export CATALINA_OPTS="-Xms1024M -Xmx1024M"
The following is an example of a setenv script located here Tomcat_Home/bin/setenv.sh:
export SSPR_APPLICATIONPATH="/etc/opt/microfocus/sspr" export CATALINA_OPTS="-Xms1024M -Xmx1024M"
After you have installed Java and Apache Tomcat and they are running with the appropriate OS environmental variables set, you must deploy the Self Service Password Reset WAR file. Ensure that you have downloaded and extracted the file. For more information, see Obtaining Self Service Password Reset.
To deploy the WAR file on Linux:
Copy the sspr.war file to the Tomcat_Home/webapps/ directory.
When Apache Tomcat discovers the sspr.war file in the Tomcat_Home/webapps/ directory, Apache Tomcat auto-deploys Self Service Password Reset in an automatically created directory; Tomcat_Home/webapps/sspr/.
Stop Apache Tomcat by running the catalina.sh script in the Tomcat_Home/bin directory.
./catalina.sh stop
Start Apache Tomcat by running the catalina.sh script in the Tomcat_Home/bin directory.
./catalina.sh start
After deploying the WAR file, you must configure your environment to work with Self Service Password Reset. For more information, see Section 4.0, Configuring Your Environment for Self Service Password Reset.