4.0 Installing the Novell Identity Server

Installation time: about 10 minutes.

IMPORTANT:Make sure to complete the following before you begin:

  • If you are installing the Access Manager components on multiple machines, ensure that time and date are synchronized on all machines.

  • Make sure that the Access Manager Administration Console is running. (See Installing the Access Manager Administration Console.) However, you must not perform any configuration tasks in the Administration Console during an Identity Server installation.

  • If you are installing the Administration Console on a separate machine, ensure that the DNS names resolve between the Identity Server and the Administration Console.

  • When you are installing the Identity Server on a separate machine (recommended for production environments), you need to ensure that ports 8080 and 8446 are open on the Administration Console machine.

  • When you are installing the Identity Server on the same machine as the Administration Console (not recommended for production environments), do not run simultaneous external installations of the Identity Server, Access Gateway, J2EE Agent, or SSL VPN. These installations must communicate with the Administration Console. During installation, Tomcat is restarted, which can disrupt the component import process.

  1. Verify that the machine meets the minimum requirements. See Section 2.5, Identity Server Requirements.

  2. Open a terminal window.

  3. Log in to SUSE Linux Enterprise Server (SLES) as the root user.

  4. If you are installing from CD or DVD, insert the disc into the drive, then navigate to the device. The location might be /media/cdrom, /media/cdrecorder, or /media/dvdrecorder, depending on your hardware.

    If you downloaded the tar.gz file, unpack the file using the following command:

    tar -xzvf <filename>

  5. At the command prompt, run the following install script:

  6. When prompted to install a product, type 2, Install Novell Identity Server, then press the Enter key.

    This selection is also used for installing additional Identity Servers for clustering behind an L4 switch. You need to run this install for each Identity Server you add to the cluster.

  7. If prompted, decide whether or not you want to continue the installation without a static IP address. Under most production environments, you must establish a static IP address for your Identity Server to reliably connect with other Access Manager components.

  8. Review and accept the License Agreement.

  9. Specify the IP address of the Administration Console, if you are not installing this Identity Server on the same machine where you installed the Administration Console.

  10. Specify the name of the administrator for the Administration Console.

  11. Specify the password of the administrator.

  12. Confirm the password, then wait as the system installs the components. (This will take several minutes.)

    The following components are installed:

    • Novell Access Manager Server Communications: The components necessary to enable network communications, including identifying devices, finding services, moving data packets, and maintaining data integrity.

    • Novell Identity Server: The component of Novell Access Manager that provides authentication and identity services for the other Access Manager components and third-party service providers.

    • Novell Identity Server Configuration: The configuration that allows the Identity Server to be securely configured by the Administration Console.

      If the installation process terminates at this step, the probable cause is a failure to communicate with the Administration Console. Ensure that you entered the correct IP address.

    • Novell Access Manager Server Communications Configuration: The communication configuration that enables the Identity Server to auto-import itself into the Administration Console.

    This completes the Novell Identity Server installation. The install logs are located in /tmp/novell_access_manager. These logs are all dated and time-stamped.

  13. (Optional) To verify that the Identity Server installation was successful, log in to the Administration Console (see Section 3.2, Logging In to the Administration Console), then click Access Manager > Identity Servers.

    After you log in to the Administration Console, click Access Manager > Identity Servers. The system displays the installed server, as shown in the following example:

    At this point the Identity Server is in an unconfigured state and is halted. It remains in this state and cannot function until you create an Identity Server configuration, which defines how an Identity Server or Identity Server cluster operates.

  14. Continue with one of the following: