4.1 Installation Procedures

You might want to have a pen handy to record the static IP address and login credentials in the spaces provided below.

4.1.1 Installing on Linux

  1. If you have Red Carpet or auto update running, stop these programs before you install the Administration Console.

  2. Verify that the machine meets the minimum requirements. See Section 3.4, Administration Console Requirements.

  3. Open a terminal window.

  4. Log in as the root user.

  5. Access the install script:

    1. Make sure you have downloaded the software or you have the CD available.

      For software download instructions, see the “Novell Access Manager Readme”.

    2. Do one of the following:

      • Insert the CD into the drive, then navigate to the device. Enter the following:

        cd /media

        Change to your CD-ROM drive, which is usually cdrom but can be something else such as cdrecorder or dvdrecorder, depending on your hardware.

      • If you downloaded the tar.gz file, unpack the file by using the following command:

        tar -xzvf <filename>

    3. Change to the novell-access-manager-3.1.2-xxx directory.

  6. At the command prompt, enter the following:

    ./install.sh

    NOTE: When you install Administration Console on a SLES 11 64-bit operating system, the following error message appears: 

    This version of Novell Access Manager supports SSL VPN installation only on Novell SUSE Linux Enterprise Server version 11 64-bit. If you are installing any other component, you are recommended to stop the installation now". Would you like to continue (y/n)? [n]:

    Ignore this error message and continue with the installation by specifying ‘y’.

  7. When you are prompted to install a product, type 1 for Install Novell Access Manager Administration, then press the Enter key.

  8. (Conditional) If the install does not detect a static IP address that Access Manager requires on your machine, you receive an advisory message asking whether or not you want to continue the installation. At this point, cancel the installation and configure your machine for a static IP address.

    Record the static IP address here: __________________________________

  9. (Conditional) If the install detects a version of LDAP on your machine, enter Y to continue the installation.

    If requested during installation, make sure that the uninstall option for Open LDAP is selected. Later in the installation, you are prompted to uninstall LDAP and replace it with the required Access Manager configuration store components.

  10. Review and accept the License Agreement.

  11. Specify whether this is the primary Access Manager Administration Console in a failover group. The first Administration Console installed becomes the primary console.

    You can install up to three Administration Consoles for replication and failover purposes. If this is not the primary console, you must provide the IP address for the primary Administration Console.

  12. Specify the administration username.

    Press Enter to use admin as the default admin username, or change this to a username of your choice.

    Record the admin username here: __________________________________

  13. Specify the administration password.

    Use alphanumeric characters only. You must remember this password because it gives rights to the administrator, the configuration store, and subsequent logins to the Administration Console.

    Record the admin password here: __________________________________

  14. Confirm the password, then wait as the system installs the components.

    This can take several minutes, depending upon the speed of your hardware. Be patient.

    The following components are installed:

    • Novell Audit Platform Agent: Responsible for packaging and forwarding the audit log entries to the configured Novell Audit Server. For more information, see Enabling Auditing in the Novell Access Manager 3.1 SP2 Administration Console Guide.

    • Tomcat for Novell: The Novell packaging of the Java-based Tomcat Web server used to run servlets and JavaServer Pages (JSP) associated with Novell Access Manager Web applications.

    • Novell Access Manager Configuration Store: An embedded version of eDirectory used to store user-defined server configurations, LDAP attributes, Certificate Authority keys, certificates, and other Access Manager attributes that must be securely stored.

    • Novell iManager: The Web-based administration console that provides customized, secure access to server administration utilities. It is a modified version and cannot be used to manage other eDirectory trees.

    • Novell Audit Server: The server bundled as part of the Administration Console to monitor and log all enabled Access Manager components. For more information, see Enabling Auditing in the Novell Access Manager 3.1 SP2 Administration Console Guide.

    • Novell Administration Console: A modification of Novell iManager that enables management of all aspects of Access Manager. This component is not a standard iManager plug-in. It significantly modifies the tasks that iManager can perform.

    • Novell Identity Server Administration Plug-In: Works in conjunction with the Novell Administration Console to specifically manage the Novell Identity Server.

  15. Record the login URL.

    When the installation completes, the login URL is displayed. It looks similar to the following:

    http://10.10.10.50:8080/nps

    Record your login URL here: __________________________________

    This is the URL you enter into a browser to configure the Access Manager components. If you log in now with the username and password you entered during the installation, you have an empty system with no components installed.

  16. Continue with Section 4.2, Configuring the Administration Console Firewall.

4.1.2 Installing on Windows

  1. Verify that the machine meets the minimum requirements. See Section 3.4, Administration Console Requirements.

  2. Close any running applications and disable any virus scanning programs.

  3. (Conditional) To use a remote desktop for installation, use one of the following:

    • Current version of VNC viewer

    • Microsoft Remote Desktop with the /console switch for Windows XP SP2

    • Microsoft Remote Desktop with the /admin switch for Windows XP SP3

  4. Download the software file and execute it.

    For software download instructions, see the “Novell Access Manager Readme”.

  5. Read the introduction, then click Next.

  6. Accept the license agreement, then click Next.

  7. Select Novell Access Manager Administration Console, then click Next.

    If you are also installing the Identity Server on this machine, you can also select Novell Identity Server.

  8. Specify whether this is the primary Administration Console in a failover group, then click Next.

    The first Administration Console installed becomes the primary console.

    You can install up to three Administration Consoles for replication and failover purposes. If this is not the primary console, you must provide the IP address for the primary Administration Console.

  9. Specify the following information:

    Administration user ID: Specify a name for the user account to use for logging into the Administration Console.

    Password and Re-enter Password: Specify a password and re-enter the password for the administration user account.

    Server IP Address: Specify the static IP address of the machine.

  10. Click Next, then review the summary.

  11. To start the install, click Install.

    The configuration database takes awhile to install and configure. Be patient.

  12. (Optional) After the installation completes, view the install log file found in the following location:

    Windows Server 2003: \Program Files\Novell\log\AccessManagerServer_ InstallLog.log

    Windows Server 2008: \Program Files (x86)\Novell\log\AccessManagerServer_ InstallLog.log

  13. Reboot the machine.

    IMPORTANT:You must restart the machine before installing any other Access Manager components.

  14. (Windows Server 2003) In a terminal window, run the auditext.exe utility.

    1. Change to the \Program Files\Novell\NSure Audit directory.

      The .lsc file required when executing the auditext.exe utility is located in the \Program Files\Novell\Nsure Audit\LogSchema\nids_en.lsc directory.

    2. Enter the following command:

      auditext -lsc -u:<admin> -p:<novell> -a:Novell Access Manager -f:c:\Program Files\Novell\Nsure Audit\LogSchema\\nids_en.lsc -l:en

      Modify the following variables to match your system:

      Variable

      Description

      c:

      The drive letter for where the Program Files directory is located.

      -u:<admin>

      This is the name of the administrator for the Administration Console. Replace <admin> with the name of your administrator

      -p:<novell>

      This is the password for the administrator. Replace <novell> with the password of your administrator.

      For more information about this utility, see “AuditExt”.

  15. (Windows Server 2008) In a terminal window, run the auditext.exe utility.

    1. Change to the \Program Files (x86)\Novell\NSure Audit directory.

      The .lsc file required when executing the auditext.exe utility is located in the \Program Files (x86)\Novell\Nsure Audit\LogSchema\nids_en.lsc directory.

    2. Enter the following command:

      auditext -lsc -u:<admin> -p:<novell> -a:Novell Access Manager -f:c:\Program Files (x86)\Novell\Nsure Audit\LogSchema\\nids_en.lsc -l:en

      Modify the following variables to match your system:

      Variable

      Description

      c:

      The drive letter for where the Program Files (x86) directory is located.

      -u:<admin>

      This is the name of the administrator for the Administration Console. Replace <admin> with the name of your administrator

      -p:<novell>

      This is the password for the administrator. Replace <novell> with the password of your administrator.

      For more information about this utility, see “AuditExt”.

  16. Continue with Section 4.2, Configuring the Administration Console Firewall.