3.3 Deployment Requirements of Self Service Password Reset

Ensure that you meet the following deployment requirements for your selected platforms. For example, if you are deploying the Self Service Password Reset appliance, ensure that you have met the deployment requirements for the appliance.

3.3.1 Deployment Requirements for the Appliance

Ensure that you have read and understand about your different deployments and where you want to store the users’ information. For more information, see Selecting an Appropriate Deployment.

The following table contains the minimum requirements required to deploy the Self Service Password Reset appliance. Ensure that you meet these minimum requirements before deploying the appliance.

Table 3-2 Self Service Password Reset Appliance Requirements

Component

Requirements

Virtual Systems

  • Hyper-V 2016 (version 10 with the latest patches)

  • VMware ESX 6.5 or later

    NOTE:Your VMware license must be Enterprise or Enterprise Plus if you want to use remote serial connections. For more information, please refer to VMware support.

    For more information, see the VMware documentation.

Memory

3 GB of RAM

Hard disk space

40 GB

Browsers

  • Mozilla Firefox 64.0 (64-bit) or later

  • Google Chrome 71.0.3578.98 (64-bit) or later

  • Edge 42.17134.1.0 or later

  • Microsoft Internet Explorer 11.472.171.34.0 or later

IP Ports

Ensure that the default ports for the Self Service Password Reset appliance are open in your firewall. For more information, see Default Ports for Self Service Password Reset.

LDAP Directories

  • Microsoft Azure Active Directory

    NOTE:You can only store the users’ challenge-response information in a supported database. You cannot store the users’ challenge-response information in the Azure Active Directory.

  • Microsoft Active Directory

    • 2016

    • 2012

    IMPORTANT:Self Service Password Reset does not support the Active Directory Global catalog services. Instead, you can configure multiple profiles for different domains to represent the data repository for each domain. For more information about creating multiple profiles, see Configuring Policies in the Self Service Password Reset 4.4 Administration Guide.

  • NetIQ eDirectory

    • 9.0 SP4

    • 8.8 SP8 Patch 10 or later

  • Oracle Directory Server 11g

Remote Databases

  • Microsoft SQL Server

    • 2017

    • 2016

    • 2012

  • Oracle Database 12c

  • PostgreSQL 9.6.3

    IMPORTANT:If you select to use a remote database to store your users’ challenge-response information, you must create an empty database before installing Self Service Password Reset. The Self Service Password Reset Configuration Guide creates the appropriate tables and schema for the database that you select to use.

License

The appliance is the only platform that requires a license. The license is required to receive online updates. Obtain the license from the Customer Care Center. You add the license to the appliance administration console after you complete the installation. For more information, see Performing an Online Update in the Self Service Password Reset 4.4 Administration Guide.

After you have met the deployment requirements, you must deploy the appliance. For more information, see Deploying the Self Service Password Reset Appliance.

3.3.2 Deployment Requirements for Self Service Password Reset on Windows

Ensure that you have read and understand about your different deployments and where you want to store the users’ information. For more information, see Selecting an Appropriate Deployment.

The following table contains the minimum requirements required to deploy the Self Service Password Reset on a Windows server. Ensure that you meet these minimum requirements before starting the installation.

Table 3-3 Self Service Password Reset on Windows Requirements

Component

Requirements

Windows Platforms

  • Microsoft Windows Server

    • 2016

    • 2012 R2 (64-bit)

Cloud Platforms

  • Microsoft Azure Marketplace Platform

    • Windows Server 2016 VM

Memory

1 GB of RAM

NOTE:Azure DS1_V2 Standard size

Hard disk space

5 GB

Browsers

  • Mozilla Firefox 64.0 (64-bit) or later

  • Google Chrome 71.0.3578.98 (64-bit) or later

  • Edge 42.17134.1.0 or later

  • Microsoft Internet Explorer 11.472.171.34.0 or later

IP Ports

Ensure that the default ports for the Self Service Password Reset appliance are open in your firewall. For more information, see Default Ports for Self Service Password Reset.

LDAP Directories

  • Microsoft Azure Active Directory

    NOTE:You can only store the users’ challenge-response information in a supported database. You cannot store the users’ challenge-response information in the Azure Active Directory.

  • Microsoft Active Directory

    • 2016

      IMPORTANT:Self Service Password Reset does not support the Active Directory Global catalog services. Instead, you can configure multiple profiles for different domains to represent the data repository for each domain. For more information about creating multiple profiles, see Configuring Policies in the Self Service Password Reset 4.4 Administration Guide.

    • Active Directory Domain Service (AD DS)

      NOTE:This version of the Active Directory Domain Service is only supported when you deploy the .msi file on Azure.

    • 2012

  • NetIQ eDirectory

    • 9.0 SP4

    • 8.8 SP8 Patch 10 or later

    NOTE:eDirectory is not currently supported in Amazon Web Service or Azure environments.

  • Oracle Directory Server 11g

Remote Databases

  • Microsoft SQL Server

    • 2017

    • 2016

    • 2012

  • Oracle Database 12c

  • PostgreSQL 9.6.3

    IMPORTANT:If you select to use a remote database to store your users’ challenge-response information, you must create an empty database before installing Self Service Password Reset. The Self Service Password Reset Configuration Guide creates the appropriate tables and schema for the database that you select to use.

Java

Java - AdoptOpenJDK - Hotspot -11.0.1+13

NOTE:The .msi file supplies this version of Java and installs it for you. Any other version of Java is not supported.

Apache Tomcat

Apache Tomcat 9.0.14

NOTE:The .msi file supplies this version of Apache Tomcat and installs it for you. Any other version of Apache Tomcat is not supported.

After you have met deployment requirements, you must install Self Service Password Reset on a Windows server. For more information, see Deploying Self Service Password Reset on Windows.

3.3.3 Deployment Requirements for Self Service Password Reset WAR File on Linux

Ensure that you have read and understand about your different deployments and where you want to store the users’ information. For more information, see Selecting an Appropriate Deployment.

The following table contains the minimum requirements required to deploy the Self Service Password Reset on a Linux server. Ensure that you meet these minimum requirements before starting the installation.

Table 3-4 Self Service Password Reset WAR File Requirements on Linux

Component

Requirements

Linux Platforms On-Premise

  • SUSE Linux Enterprise Server 12 SP3 or later (64-bit)

  • SUSE Linux Enterprise Server 11 SP4 (64-bit)

  • Red Hat Enterprise Linux 7.4 or later (64-bit)

Cloud Platforms

  • Amazon Web Service EC2 Linux Platform

    • SUSE Linux Enterprise Server 12 SP3 (HVM), SSD Volume

Memory

1 GB of RAM

NOTE:AWS EC2 instance type: t2.micro

Hard disk space

5 GB

Browsers

  • Mozilla Firefox 64.0 (64-bit) or later

  • Google Chrome 71.0.3578.98 (64-bit) or later

  • Edge 42.17134.1.0 or later

  • Microsoft Internet Explorer 11.472.171.34.0 or later

IP Ports

Ensure that the default ports for the Self Service Password Reset appliance are open in your firewall. For more information, see Default Ports for Self Service Password Reset.

LDAP Directories

  • Microsoft Azure Active Directory

    NOTE:You can only store the users’ challenge-response information in a supported directory. You cannot store the users’ challenge-response information in the Azure Active Directory.

  • Microsoft Active Directory

    • 2016

      IMPORTANT:Self Service Password Reset does not support the Active Directory Global catalog services. Instead, you can configure multiple profiles for different domains to represent the data repository for each domain. For more information about creating multiple profiles, see Configuring Policies in the Self Service Password Reset 4.4 Administration Guide.

    • Active Directory Domain Service (AD DS)

      NOTE:This version of the Active Directory Domain Service is only supported when you deploy the WAR file on AWS.

    • 2012

  • NetIQ eDirectory

    • 9.0 SP4

    • 8.8 SP8 Patch 10

    NOTE:eDirectory is not currently supported in Amazon Web Service or Azure environments.

  • Oracle Directory Server 11g

Remote Databases

  • Microsoft SQL Server

    • 2017

    • 2016

    • 2012

  • Oracle Database 12c

  • PostgreSQL 9.6.3

    IMPORTANT:If you select to use a remote database to store your users’ challenge-response information, you must create an empty database before installing Self Service Password Reset. The Self Service Password Reset Configuration Guide creates the appropriate tables and schema for the database that you select to use.

Java

Java 8.x and Java 11.x

IMPORTANT:You must install Java on the Linux server prior to deploying the WAR file. You must be familiar with the installation, configuration, and maintenance of Java.

Apache Tomcat

Apache Tomcat 9.0.14 or later

IMPORTANT:You must install Apache Tomcat on the Linux server prior to deploying the WAR file. You must be familiar with the installation, configuration, and maintenance of Apache Tomcat.

After you have met the deployment requirements, you must deploy the WAR file. For more information, see Deploying the WAR File on Linux