This section provides information on the following:
This section provides information on the following:
Run the Identity Manager 2 installation program (for example, \nt\install.exe).
View the Welcome page, accept the license agreement, and view the two Overview pages.
In the DirXML Install dialog box, deselect all components except DirXML Connected System, then click Next.
Select a location for the connected system (the Remote Loader and remote driver shims), then click Next.
Select the DirXML Remote Loader Service and remote driver shims (drivers), then click Next.
Acknowledge the activation requirement, view products to be installed, then click Finish.
Select whether to place the Remote Loader Console icon on your desktop.
This section assumes that you have downloaded and expanded Identity Manager 2. If you need to download Identity Manager, go to the Novell download Web site.
After you expand the Identity Manager 2 file that you downloaded from the Novell Web site, complete the following steps:
Run one of the following installation files, depending on your platform:
After accepting the license agreement, press Enter to arrive at the Choose Install Set page:
Select DirXML Connected System Server by typing 2, then press Enter.
At the Pre-Installation Summary screen, review components that you have selected to install, then press Enter.
The HP-UX, AS/400, OS/390,and z/OS platforms require the Java Remote Loader.
Create a directory on the target system where you want to run the Java Remote Loader.
From the Identity Manager 2 CD or download image, copy the appropriate file in the /java_remoteloader directory to the directory that you created in Step 1:
Platform | File |
---|---|
HP-UX |
dirxml_jremote.tar.gz |
For HP-UX, AS/400, or z/OS, unzip the dirxml_jremote file.
Untar the file that you just copied.
The Java Remote Loader is now ready for configuration. Because the tar file doesn't contain drivers, you must manually copy the drivers into the lib directory. The lib directory is under the directory where the untarring occurred.
For information on MVS, untar the dirxml_jremote_mvs.tar file. Then refer to the usage.html document.
The DirXML Remote Loader can host DirXML application shims contained in .dll, .so, or .jar files. The Java Remote Loader hosts only Java driver shims. It won't load or host a native (C++) driver shim.
The Remote Loader Console is a new feature in Identity Manager 2. It runs only on Windows. The Console enables you to manage all DirXML drivers running under the Remote Loader on that computer:
If you are upgrading to Identity Manager 2, the Console detects and imports existing instances of the Remote Loader. (To be automatically imported, driver configurations must be stored in the remoteloader directory, typically c:\novell\remoteloader.) You can then use the Console to manage the remote drivers.
To launch the Remote Loader Console, click the Remote Loader Console icon on your desktop. The following figure illustrates the Console.
If you type dirxml_remote from the command line, without any parameters, the Remote Loader Application Wizard is launched.
NOTE: Using the wizard and the Console together can cause unexpected behavior. Therefore, we recommend that you use the Remote Loader Console going forward and upgrade your existing configurations into the Console.
To add a Remote Loader instance, click Add, then provide the following information.
To edit a Remote Loader instance:
Select it from the Description column.
Click Stop, type the Remote Loader password, then click OK.
Click Edit, then modify the following information:
The Remote Loader Console places configuration parameters into this text file and uses those parameters when it runs.
The default TCP/IP port for this connection is 8090. With each new instance you create, the default port number automatically increases by one.
Each instance of the Remote Loader that runs on a particular computer must have a different command port number. The default command port is 8000. With each new instance you create, the default port number automatically increases by one.
NOTE: By specifying different connection ports and command ports, you can run multiple instances of the Remote Loader on the same server hosting different driver instances.
The password must be the same case-sensitive password that you typed in the Enter the Remote Loader Password edit box in the Authentication section on the DirXML Configuration page, when you configured the driver.
This password must be the same password you typed in the Driver Object Password edit box on the Driver Configuration page, when you configured the driver.
Secure Socket Link (Secure Socket Layer)
This is the exported self-signed certificate from the eDirectory tree's Organization Certificate Authority. See Exporting a Self-Signed Certificate.
If the trace level is set to 0, the trace window won't appear or display messages.
Each Remote Loader instance running on a particular machine must use a different trace file. Trace messages are written to the trace file only if the trace level is greater than zero.
Establish a Remote Loader Service
To run the Remote Loader, all platforms use a configuration file (for example, LDAPShim.txt). You can create or edit a configuration file by using command-line options. The following steps provide information on basic parameters for the configuration file. For information on additional parameters, see Options to Configure a Remote Loader.
Open a text editor.
(Optional) Specify a description by using the -description option.
Specify a TCP/IP port that the Remote Loader instance will use by using the -commandport option.
Specify the parameters for the connection to the DirXML server running the DirXML remote interface shim by using the -connection option.
Type -connection "parameter [parameter] [parameter]".
For example, type one of the following:
-connection "port=8091 rootfile=server1.pem"
-conn "port=8091 rootfile=server1.pem"
All the parameters must be included within quotation marks. Parameters include the following:
(Optional) Specify a trace parameter by using the -trace option.
(Optional) Specify a tracefile by using the -tracefile option.
(Optional) Limit the size of the tracefile by using the -tracefilemax option.
For example, type one of the following:
-tracefilemax 1000M
-tfm 1000M
In this example, the tracefile can be only 1 GB.
Specify the class by using the -class option or module by using the -module option.
Name and save the file.
You can change some settings while the Remote Loader is running. For information on these settings, refer to Options to Configure a Remote Loader.
After installing the Remote Loader, you can set the environment variable RDXML_PATH, which changes the current directory for rdxml. This directory is then taken as the base path for files that are subsequently created. To set the value of the RDXML_PATH variable, enter the following commands:
On Solaris, Linux, or AIX, the binary component rdxml provides the Remote Loader functionality. This component is located in the /usr/bin/ directory. On Windows, the default is c:\novell\RemoteLoader.
To run the Remote Loader:
Set the password.
Start the Remote Loader.
Platform | Command |
---|---|
Windows |
dirxml_remote -config path_to_config_file |
Solaris |
rdxml -config path_to_config_file |
HP-UX |
dirxml_jremote -config path_to_config_file |
Using iManager, start the driver.
Confirm that the Remote Loader is operating properly.
The Remote Loader loads the DirXML application shim only when the Remote Loader is in communication with the remote interface shim on the DirXML server. This means, for example, that the application shim will be shut down if the Remote Loader loses communication with the DirXML server.
For Linux, Solaris, or AIX, use the ps command or a trace file to find out whether the command and connection ports are listening.
For HP-UX and similar platforms, monitor the Java Remote Loader by using the tail command on the tracefile:
tail -f trace filename
If the last line of the log shows the following, the loader is successfully running and awaiting connection from the DirXML remote interface shim:
TRACE: Remote Loader: Entering listener accept()
To configure the Remote Loader (rdxml) to start automatically on UNIX, see TID 10097249.
If multiple instances of the Remote Loader are running on the computer, pass the -cp command port option so that the Remote Loader can stop the appropriate instance.
When you stop the Remote Loader, you must have sufficient rights or enter the Remote Loader password.
Scenario: Sufficient Rights. The Remote Loader is running as a Windows service. You have sufficient rights to stop it. You enter a password, but realize that it is incorrect. The Remote Loader stops anyway.
The Remote Loader isn't "accepting" the password. Instead, it is ignoring the password because the password is redundant in this case. If you run the Remote Loader as an application rather than as a service, the password is used.