B.2 Installation Tasks

The following installation tasks must be completed in the order that they are listed. If you do not need to do a step, you can skip it.

B.2.1 Installing Internet Information Services

If you want to set up your own CA in order to configure SSL on ADAM, you need to install Internet Information Services (IIS).

  1. On your Windows 2003 Server, access the Control Panel, then click Add or Remove Programs.

  2. In the left pane, select Add/Remove Windows Components.

  3. Select Application Server, then click Details.

  4. Select Internet Information Services (IIS), then click Details.

  5. Verify that at least the following are selected:

    • Common Files

    • Internet Information Services Manager

    • World Wide Web Service

  6. Click OK twice, then click Next to complete the installation.

    You might be prompted to insert your original installation media for Windows 2003 Server.

B.2.2 Installing Certificate Services

  1. On your Windows 2003 Server, access the Control Panel, then click Add or Remove Programs.

  2. In the left pane, select Add/Remove Windows Components.

  3. Select to Certificate Services, then click Next to complete the installation.

B.2.3 Installing ADAM

  1. On your Windows 2003 Server, access the Control Panel, then click Add or Remove Programs.

  2. In the left pane, select Add/Remove Windows Components.

  3. Select Active Directory Services, then click Details.

  4. Put a check mark next to Active Directory Application Mode (ADAM), then click OK.

  5. Click Next to complete the installation.

    The AD driver doesn't currently have a way to change the port when making a connection, so you need to use the defaults. If the values default to something else, you probably already have a service using those ports, and you might need to disable or uninstall the other service.

  6. Click Next.

  7. Select Yes to create an application directory partition, unless you plan on doing it later.

  8. Specify the DN of the location where you'd like to synchronize users. For example, CN=People,DC=adamtest1,DC=COM.

  9. Click Next.

  10. Leave the default locations for data files and data recovery files, then click Next.

  11. Choose an account for the ADAM service, then click Next.

    NOTE:If you are installing ADAM on a server that is not already part of a domain, you might get a warning at this point. This is usually not a problem with ADAM, and you should continue with the installation.

  12. Click Next to assign the current user (the one you are logged in as) rights to administrate ADAM.

  13. Select Import the selected LDIF files for this instance of ADAM.

  14. Select MS-User.LDF, then click Add.

  15. Click Next.

  16. Review the installation summary, then click Next.

B.2.4 Requesting and Installing the Server Certificate

  1. On the server where you installed IIS and Certificate Services, specify the following address in a Web browser: http://localhost/certsrv.

  2. You should see a welcome message from Certificate Services. If you do not, go back and make sure you have IIS and Certificate Services both installed.

  3. The steps for requesting and installing a certificate are found at [.NET] Using SSL with ADAM.

  4. On your ADAM server, make sure you have the certificate installed in the following location in MMC: Certificates - Service (adaminstance) on Local Computer\ADAM_adaminstance\Personal.

  5. On the Identity Manager server (or the Remote Loader computer) where the driver is running, you need the CA certificate only and it must be in Certificates - Current User\Trusted Root Certificates.

    See Active Directory Application Mode: Frequently Asked Questions for additional resources.

B.2.5 Installing Identity Manager

Identity Manager must be installed to use the ADAM driver. To install Identity Manager, see the Identity Manager 3.5.1 Installation Guide. If you are going to use the Remote Loader, see Deciding Whether to Use the Remote Loader.