Novell Doc: Identity Manager 3.5.1 Installation Guide - Identity Manager Installation Programs and Services

1.4 Identity Manager Installation Programs and Services

The following sections explain Identity Manager’s Installation Programs and Services. This section points out the different services that make up a fully functioning Identity Manager.

1.4.1 Installation Programs

Identity Manager has three distinct installation programs with seven services to install and configure. The graphic below gives you an overview of all of the services necessary to make Identity Manager fully functional.

Figure 1-1 Graphic Overview of the Seven Identity Manager Services

Below is the list of the installation programs and what each installation does:

NOTE:Before installing Identity Manager components, you need to first install prerequisite software including eDirectory 8.7.3.6 or later (for the services shown in numbers 1 and 3 in the graph above), Security Services 2.0.4 with NMAS™ 3.1.3 (for numbers 1 and 3), iManager 2.6 or later (for number 2), and Novell Audit 2.0.2 Starter Pack or Novell® Sentinel™ 5.1.3 (for number 3). You can get the prerequisite software from the Novell Download Web site. For a detailed list of prerequisites and requirements, see Section 1.5, System Requirements for Identity Manager.

Identity Manager Metadirectory System Installation

The installation process performs the following functions:

Extends the eDirectory schema for the Identity Manager product as a whole.
Installs the Metadirectory engine and system service.
Installs the Identity Manager plug-ins for iManager.
Installs the Metadirectory system Remote Loader (if selected).
Installs the connected system drivers. (The drivers are installed, but dormant until initiated for use).
Installs the Identity Manager reports, and the Metadirectory system utilities and tools.

User Application and Provisioning Module Installation

The following services are installed on Linux^* and Windows:

JBoss and MySQL^* (if selected).
The WAR file required to run the User Application.

Designer Installation

There is an installer for Linux and one for Windows. They do the following tasks:

Install the Eclipse^* framework.
Install the foundational plug-ins.
Install the Metadirectory plug-ins.
Install the directory abstraction layer plug-ins.
Install the workflow editor plug-in.

1.4.2 Services

Identity Manager comes with seven services that you can install and configure. Although it’s not recommended for a production environment, you can install and configure all seven services on a single computer. Or you can deploy one service per computer, or anything in between. The supported hardware and software prerequisites for each service are covered in Section 1.5, System Requirements for Identity Manager.

Metadirectory System Service

This system is used as the Identity Vault, and you only need one instance of the Metadirectory engine in a production environment.

Figure 1-2 Metadirectory System Service

When data from one system changes, the Metadirectory engine included in Identity Manager detects and propagates these changes to other connected systems based on the business rules you define. This solution enables you to enforce authoritative data sources for any particular piece of data (for example, an HR application owns a user’s ID, while a messaging system might own a user's e-mail account information).

To install Identity Manager and this service, see Section 4.0, Installing Identity Manager. To see any prerequisites before installing Identity Manager, see the system requirements for Metadirectory System Metadirectory engine Novell Audit agent Service drivers Identity Manager Drivers Utilities (including Application Tools, and the Novell Audit Setup tool).

Web-based Administration Services

Figure 1-3 Web-Based Administration Service

Use this service for the administration of eDirectory and the Metadirectory system using iManager 2.5 and above with Identity Manager and user application plug-ins installed. You install Identity Manager plug-ins into iManager on the server where you install Identity Manager. To install Identity Manager plug-ins and this service, see Section 4.0, Installing Identity Manager.

Secure Logging Services

Figure 1-4 Secure Logging Service

Repository for logging events (Identity Manager software is not installed on this server, but having a secure logging service is mandatory). This is a central service that is used by Identity Manager and the user application and workflow system services and is downloaded separately from the Novell Download Web site.

From the Product or Technology pull-down menu on the Download Web site, select Audit and click Search. Click the Audit 2.0.2 Starter Pack. Follow the installation instructions included with the Starter Pack.

User Application and Provisioning Module

Figure 1-5 User Application and Provisioning Module

To install this service, see Section 5.0, Installing the User Application. The supported hardware and software prerequisites for each service are covered in Section 5.2, Prerequisites to Installation.

Database Service

Both the secure logging service and the end user application/work flow system require a database. You can set up one database to serve both applications, or you can set up independent databases for each one.

Figure 1-6 Database Service

The secure logging service does not include a specific database. However, you can use the MySQL database that comes with the User Application and provisioning. The User Application comes with the JBoss Application Server Version 4.2.0, and the User Application requires JRE^* 1.5.0_10. To install this service, see Section 5.3, Installation and Configuration Steps.

Workstations

Figure 1-7 Workstation Services for Designer

Used for Designer to design, deploy, and document the Identity Manager system and for utilities, reports, and tools included with the product. To install Designer on a workstation, see Installing Designer in the Designer 2.1 for Identity Manager 3.5.1.

Connected Systems

This is where the drivers are hosted and these connected systems can be applications, databases, servers, and other services. Each connected application requires individuals with application-specific knowledge and responsibility. Each driver requires that the connected system be available and the relevant APIs provided.

Figure 1-8 Connected Systems

You install the drivers as part of the Identity Manager installation process. To install Identity Manager and this service, see Section 4.0, Installing Identity Manager. To learn more about configuring drivers, read the driver-specific documentation on the Identity Manager Drivers Documentation Web site.