4.2 Install the User Application Server

With the IAS drivers configured, you can complete the installation by completing the following steps:

4.2.1 Install User Application for Provisioning

User Application for Provisioning is included in the Novell Identity Manager 3.5 build.

For installation instructions, see the Installing User Application section of the Identity Manager 3.5 Installation Guide .

For this release, we recommend installing User Application for Provisioning on a separate Windows 2003 server on the network because of the large number of workflow requests this system will be handling. Alternatively, you can install User Application for Provisioning on the Identity Vault server.

HINT:During the User Application configuration, you need to enter the PIV Workflow driver’s distinguished name in the field next to Provisioning Driver DN.

Also, when prompted for the search root, user root, and group root containers, select the IAS Root container you specified during the PIV Life Cycle driver configuration (See Table 4-1). For the user root, select the IAS Root/Users container. For the group root, select IAS Root/Groups container.

IMPORTANT:After you install the IDM User Application for Provisioning product, you should configure JBoss* to only allow mutual authenticated SSL connections. For more information, see this JBoss Wiki page .

4.2.2 Install the IAS Digital Signature Applet

The IAS Digital Signature Applet must be installed on the same server as User Application for Provisioning.

Before you begin the installation, make sure that JBoss is not running on the server.

  1. Double-click IASM odules_301:IDMDriver\IASSignerApplet.exe to install the driver.

  2. Read the welcome page, then click Next.

  3. Read the license agreement and select I accept the terms of the license agreement, then click Next.

  4. Select the folder that is the root of your User Application deployment, then click Next.

  5. Click Install to begin the installation.

  6. Read the post-install instructions on the last installation page.

    These instructions need to be completed after you click Finish.

  7. Click Finish to exit the installation wizard.

The post-install instructions include the following steps:

  1. Start JBoss and wait until User Application is fully deployed.

  2. Open an Internet browser and type in the following URL, substituting your system-specific values where appropriate:

    http:// <userapp-domain-or-ip>: <port>/ <userapp-context>/jsps/IASSignerConfig.jsp

    This redirects you to the Digital Signature Service configuration page.

  3. Log in as Administrator.

  4. Make sure the Enable Digital Signature Support check box is checked.

4.2.3 Restart the PIV Life Cycle Driver

To complete your installation and configuration of Identity Assurance Solution, restart the PIV Life Cycle driver.