5.6 Installing the User Application on a JBoss Application Server from the Install GUI

This section describes how to install the Identity Manager User Application on a JBoss Application Server by using the graphical user interface version of the installer.

5.6.1 Launching the Installer GUI

  1. Navigate to the directory containing your installation files, described in Table 5-2.

  2. Launch the installer for your platform from the command line:

    java -jar IdmUserApp.jar

  3. Select a language from the drop-down menu, then click OK.

  4. Read the license agreement, click I accept the terms of the License Agreement, then click Next.

  5. Read the Introduction page of the install wizard, then click Next.

5.6.2 Choosing an Application Server Platform

  1. Choose the JBoss application server platform and click Next.

5.6.3 Migrating Your Database

If you do not want to migrate a database, click Next and continue to Section 5.6.4, Specifying the Location of the WAR.

If you want to use an existing database from your Version 3.0 or Version 3.01 User Application, you must migrate the database.

  1. Verify that you started the database that you want to migrate.

  2. Click Yes in the Data Migration page of the installation program.

  3. Click Choose to navigate to the install.properties file in the Identity Manager 3.0 or 3.01 User Application installation directory.

    Specifying the location of the install.properties file from your previous installation reduces the number of items that you have to specify in the following pages.

  4. You are asked to confirm the database type, hostname, and port. Do so, and click Next.

  5. Click Next and continue to Section 5.6.4, Specifying the Location of the WAR or Section 5.6.5, Choosing an Install Folder.

The User Application installer upgrades your User Application and migrates data from the Version 3.0 or 3.0.1 database to the database used for Version 3.5.1. For information on and additional steps for migrating your database, see the Identity Manager User Application: Migration Guide.

5.6.4 Specifying the Location of the WAR

If the Identity Manager User Application WAR file is in a different directory from the installer, the installer prompts for the path to the WAR.

  1. If the WAR is in the default location, click Restore Default Folder. Or, to specify the location of the WAR file, click Choose and select a location.

  2. Click Next, then continue with Section 5.6.5, Choosing an Install Folder.

5.6.5 Choosing an Install Folder

  1. On the Choose Install Folder page, select where to install the User Application. If you need to remember and use the default location, click Restore Default Folder, or if you want to choose another location for the installation files, click Choose and browse to a location.

  2. Click Next, then continue with Section 5.6.6, Choosing a Database Platform.

5.6.6 Choosing a Database Platform

  1. Select the database platform to use.

  2. If you are using an Oracle database, continue with Step 3. Otherwise, skip to Step 4.

  3. If you are using an Oracle database, the installer asks you which version you are using. Choose your version.

  4. Click Next, then continue with Section 5.6.7, Specifying the Database Host and Port.

5.6.7 Specifying the Database Host and Port

  1. Fill in the following fields:

    Field

    Description

    Host

    Specify the database server’s hostname or IP address.

    For a cluster, specify the same hostname or IP address for each member of the cluster.

    Port

    Specify the database’s listener port number.

    For a cluster, specify the same port for each member of the cluster.

  2. Click Next, then continue with Section 5.6.8, Specifying the Database Name and Privileged User.

5.6.8 Specifying the Database Name and Privileged User

  1. Fill in the following fields:

    Field

    Description

    Database name (or sid)

    For MySQL or MS SQL Server, provide the name of your preconfigured database. For Oracle, provide the Oracle System Identifier (SID) that you previously created.

    For a cluster, specify the same database name or SID for each member of the cluster.

    Database user

    Specify the database user.

    For a cluster, specify the same database user for each member of the cluster.

    NOTE:Use the root account created for the MySQL server account. Creation of a regular user account is not part of this installation.

    Database password/Confirm password

    Specify the database password.

    For a cluster, specify the same database password for each member of the cluster.

  2. Click Next, then continue with Section 5.6.9, Specifying the Java Root Directory.

5.6.9 Specifying the Java Root Directory

  1. Click Choose to browse for your Java root folder. To use the default location, click Restore Default.

  2. Click Next, then continue with Section 5.6.10, Specifying the JBoss Application Server Settings.

5.6.10 Specifying the JBoss Application Server Settings

On this page, tell the User Application where to find the JBoss Application Server.

This installation procedure does not install the JBoss Application Server: for directions on installing the JBoss Application Server, see Section 5.2.1, Installing the JBoss Application Server and the MySQL Database.

  1. Supply the base folder, host, and port:

    Field

    Description

    Base folder

    Specify the location of the application server.

    Host

    Specify the application server’s hostname or IP address

    Port

    Specify the application server’s listener port number. The JBoss default port is 8080.

    NOTE:You can change this port value by using the JBoss sources.

  2. Click Next, then continue with Section 5.6.11, Choosing the Application Server Configuration Type.

5.6.11 Choosing the Application Server Configuration Type

  1. Fill in the following fields:

    Option

    Description

    Single (default) or clustering (all)

    Select the type of application server configuration:

    • Select all if this installation is part of a cluster

    • Select default if this installation is on a single node that is not part of a cluster

    Server name

    Specify the server name.

    The server name is the name of the application server configuration, the name of the application WAR file, and the name of the URL context. The installation script creates a server configuration and by default names the configuration based on Application name.

    Note the application name and include it in the URL when you start the Identity Manager User Application from a browser.

    Workflow Engine ID

    Each server in a cluster must have a unique Workflow Engine ID. Workflow Engine IDs are described in the Identity Manager User Application: Administration Guide in Section 3.5.4, Configuring Workflows for Clustering.

  2. Click Next, then continue with Section 5.6.12, Enabling Novell Audit Logging.

5.6.12 Enabling Novell Audit Logging

(Optional) To enable Novell Audit logging for the User Application:

  1. Fill in the following fields:

    Option

    Description

    On

    Enables Novell Audit Logging for the User Application.

    For more information on setting up Novell Audit logging, see the Identity Manager User Application: Administration Guide.

    Off

    Disables Novell Audit Logging for the User Application. You can enable it later using the Administration tab of the User Application.

    For more information on enabling Novell Audit logging, see the Identity Manager User Application: Administration Guide.

    Server

    If you turn Novell Audit logging on, specify the hostname or IP address for the Novell Audit server. If you turn logging off, this value is ignored.

  2. Click Next, then continue with Section 5.6.14, Configuring the User Application.

5.6.13 Specifying a Master Key

Specify whether to import an existing master key or create a new one. Examples of reasons to import an existing master key include:

  • You are moving your installation from a staging system to a production system and want to keep access to the database you used with the staging system.

  • You installed the User Application on the first member of a JBoss cluster and are now installing on subsequent members of the cluster (they require the same master key).

  • Because of a failed disk, you need to restore your User Application. You must reinstall the User Application and specify the same encrypted master key that the previous installation used. This gives you access to the previously stored encrypted data.

  1. Click Yes to import an existing master key, or click No to create a new one.

  2. Click Next.

    The installation procedure writes the encrypted master key to the master-key.txt file in the installation directory.

    If you chose No, skip to Section 5.6.14, Configuring the User Application. After you finish the installation, you must manually record the master key as described in Section 5.10.1, Recording the Master Key.

    If you chose Yes, continue with Step 3.

  3. If you choose to import an existing encrypted master key, cut and paste the key into the install procedure window.

  4. Click Next.

5.6.14 Configuring the User Application

The User Application install enables you to set User Application configuration parameters. Most of these parameters are also editable with configupdate.sh or configupdate.bat after installation; exceptions are noted in the parameter descriptions.

For a cluster, specify identical User Application configuration parameters for each member of the cluster.

  1. Set the basic User Application configuration parameters described in Table 5-4, then continue with Step 2.

    The User Application configuration panel

    Table 5-4 User Application Configuration: Basic Parameters

    Type of Setting

    Field

    Description

    eDirectory Connection Settings

    LDAP Host

    Required. Specify the hostname or IP address for your LDAP server and its secure port. For example: 

    myLDAPhost

    This is same server that is actively running the IDM engine.

    LDAP Non-Secure Port

    Specify the non-secure port for your LDAP server. For example: 389.

    LDAP Secure Port

    Specify the secure port for your LDAP server. For example: 636.

    LDAP Administrator

    Required. Specify the credentials for the LDAP Administrator. This user must already exist. The User Application uses this account to make an administrative connection to the Identity Vault. This value is encrypted, based on the master key.

    LDAP Administrator Password

    Required. Specify the LDAP Administrator password. This password is encrypted, based on the master key.

    Use Public Anonymous Account

    Allows users who are not logged in to access the LDAP Public Anonymous Account.

    LDAP Guest

    Allows users who are not logged in to access permitted portlets. This user account must already exist in the Identity Vault. To enable LDAP Guest, you must deselect Use Public Anonymous Account. To disable Guest User, select Use Public Anonymous Account.

    LDAP Guest Password

    Specify the LDAP Guest password.

    Secure Admin Connection

    Select this option to require that all communication using the admin account be done using a secure socket (this option can have adverse performance implications). This setting allows other operations that don't require SSL to operate without SSL.

    Secure User Connection

    Select this option to require that all communication using the logged-in user’s account be done using a secure socket (this option can have adverse performance implications). This setting allows other operations that don't require SSL to operate without SSL.

    eDirectory DNs

    Root Container DN

    Required. Specify the LDAP distinguished name of the root container. This is used as the default entity definition search root when no search root is specified in the directory abstraction layer.

    Provisioning Driver DN

    Required. Specify the distinguished name of the User Application driver that you created earlier in Section 5.4, Creating the User Application Driver. For example, if your driver is UserApplicationDriver and your driver set is called myDriverSet, and the driver set is in a context of o=myCompany, you would type a value of:

    cn=UserApplicationDriver,cn=myDriverSet,o=myCompany

    User Application Admin

    Required. An existing user in the Identity Vault who has the rights to perform administrative tasks for the User Application user container specified. This user can use the Administration tab of the User Application to administer the portal.

    If the User Application Administrator participates in workflow administration tasks exposed in iManager, Novell Designer for Identity Manager, or the User Application (Requests & Approvals tab), you must grant this administrator appropriate trustee rights to object instances contained in the User Application driver. Refer to the IDM User Application: Administration Guide for details.

    To change this assignment after you deploy the User Application, you must use the Administration > Security pages in the User Application.

    Provisioning Application Admin

    This role is available in the provisioning version of Identity Manager 3.5.1. The Provisioning Application Administrator uses the Provisioning tab (under the Administration tab) to manage the Provisioning Workflow functions. These functions are available to users through the Requests and Approvals tab of the User Application. This user must exist in the Identity Vault prior to being designated the Provisioning Application Administrator.

    To change this assignment after you deploy the User Application, you must use the Administration > Security pages in the User Application.

    eDirectory DNs (continued)

    User Container DN

    Required. Specify the LDAP distinguished name (DN) or fully qualified LDAP name of the user container. This defines the search scope for users and groups. Users in this container (and below) are allowed to log in to the User Application.

    IMPORTANT:Be sure the User Application Administrator specified during User Application driver setup exists in this container if you want that user to be able to execute workflows.

    Group Container DN

    Required. Specify the LDAP distinguished name (DN) or fully qualified LDAP name of the group container.

    Used by entity definitions within the directory abstraction layer.

    eDirectory Certificates

    Keystore Path

    Required. Specify the full path to your keystore (cacerts) file of the JDK that the application server application server is using to run, or click the small browser button and navigate to the cacerts file.

    On Linux or Solaris, the user must have permission to write to this file.

    Keystore Password/Confirm Keystore Password

    Required. Specify the cacerts password. The default is changeit.

    Email

    Notify Template Host Token

    Specify the application server hosting the Identity Manager User Application. For example:

    myapplication serverServer

    This value replaces the $HOST$ token in e-mail templates. The URL that is constructed is the link to provisioning request tasks and approval notifications.

    Notify Template Port Token

    Used to replace the $PORT$ token in e-mail templates used in provisioning request tasks and approval notifications.

    NotifyTemplate Secure Port Token

    Used to replace the $SECURE_PORT$ token in e-mail templates used in provisioning request tasks and approval notifications.

    Notification SMTP Email From:

    Specify e-mail to come from a user in provisioning e-mail.

    Notification SMTP Email Host:

    Specify the SMTP e-mail host that provisioning e-mail is using. This can be an IP address or a DNS name.

    Password Management

    Use External Password WAR

    This feature enables you to specify a Forgot Password page residing in an external Forgot Password WAR and a URL that the external Forgot Password WAR uses to call back the User Application through a Web service.

    If you check Use External Password WAR, you must supply values for Forgot Password Link and Forgot Password Return Link.

    If you do not select Use External Password WAR, IDM uses the default internal Password Management functionality, ./jsps/pwdmgt/ForgotPassword.jsf (without the http(s) protocol at the beginning). This redirects the user to the Forgot Password functionality built into the User Application, rather than to an external WAR.

    Forgot Password Link

    This URL points to the Forgot Password functionality page. Specify a ForgotPassword.jsf file in an external or internal password management WAR. For details, see Using Password WARs.

    Forgot Password Return Link

    If you are using an external password management WAR, supply the path that the external Password Management WAR uses to call back the User Application through Web Services, for example https://idmhost:sslport/idm.

  2. If you want to set additional User Application configuration parameters, click Show Advanced Options. (Scroll to view the whole panel.) Table 5-5 describes the Advanced Options parameters.

    If you do not want to set additional parameters described in this step, skip to Step 3.

    Table 5-5 User Application Configuration: All Parameters

    Type of Setting

    Field

    Description

    eDirectory Connection Settings

    LDAP Host

    Required. Specify the hostname or IP address for your LDAP server. For example:

    myLDAPhost

    LDAP Non-Secure Port

    Specify the non-secure port for your LDAP server. For example: 389.

    LDAP Secure Port

    Specify the secure port for your LDAP server. For example: 636.

    LDAP Administrator

    Required. Specify the credentials for the LDAP Administrator. This user must already exist. The User Application uses this account to make an administrative connection to the Identity Vault. This value is encrypted, based on the master key.

    LDAP Administrator Password

    Required. Specify the LDAP Administrator password. This password is encrypted, based on the master key.

    Use Public Anonymous Account

    Allows users who are not logged in to access the LDAP Public Anonymous Account.

    LDAP Guest

    Allows users who are not logged in to access permitted portlets. This user account must already exist in the Identity Vault. To enable LDAP Guest, you must deselect Use Public Anonymous Account. To disable Guest User, select Use Public Anonymous Account.

    LDAP Guest Password

    Specify the LDAP Guest password.

    Secure Admin Connection

    Select this option to require that all communication using the admin account be done using a secure socket (this option can have adverse performance implications). This setting allows other operations that don't require SSL to operate without SSL.

    Secure User Connection

    Select this option to require that all communication done on the logged-in user's account be done using a secure socket (this option can have severe adverse performance implications). This setting allows other operations that don't require SSL to operate without SSL.

    eDirectory DNs

    Root Container DN

    Required. Specify the LDAP distinguished name of the root container. This is used as the default entity definition search root when no search root is specified in the directory abstraction layer.

    Provisioning Driver DN

    Required. Specify the distinguished name of the User Application driver that you created earlier in Section 5.4, Creating the User Application Driver. For example, if your driver is UserApplicationDriver and your driver set is called myDriverSet, and the driver set is in a context of o=myCompany, you type a value of:

    cn=UserApplicationDriver,cn=myDriverSet,o=myCompany

    User Application Admin

    Required. An existing user in the Identity Vault who has the rights to perform administrative tasks for the User Application user container specified. This user can use the Administration tab of the User Application to administer the portal.

    If the User Application Administrator participates in workflow administration tasks exposed in iManager, Novell Designer for Identity Manager, or the User Application (Requests & Approvals tab), you must grant this administrator appropriate trustee rights to object instances contained in the User Application driver. Refer to the IDM User Application: Administration Guide for details.

    To change this assignment after you deploy the User Application, you must use the Administration > Security pages in the User Application.

    Provisioning Application Admin

    This role is available in the provisioning version of Identity Manager 3.5.1. The Provisioning Application Administrator manages Provisioning Workflow functions available through the Requests and Approvals tab of the User Application. This user must exist in the Identity Vault prior to being designated the Provisioning Application Administrator.

    To change this assignment after you deploy the User Application, you must use the Administration > Security pages in the User Application.

    Meta-Directory User Identity

    User Container DN

    Required. Specify the LDAP distinguished name (DN) or fully qualified LDAP name of the user container.

    This defines the search scope for users and groups.

    Users in this container (and below) are allowed to log in to the User Application.

    IMPORTANT:Be sure the User Application Administrator specified during User Application driver setup exists in this container if you want that user to be able to execute workflows.

    User Object Class

    The LDAP user object class (typically inetOrgPerson).

    Login Attribute

    The LDAP attribute (for example, CN) that represents the user’s login name.

    Naming Attribute

    The LDAP attribute used as the identifier when looking up users or groups. This is not the same as the login attribute, which is used only during login, and not during user/group searches.

    User Membership Attribute

    Optional. The LDAP attribute that represents the user’s group membership. Do not use spaces in this name.

    Meta-Directory User Groups

    Group Container DN

    Required. Specify the LDAP distinguished name (DN) or fully qualified LDAP name of the group container. Used by entity definitions within the directory abstraction layer.

    Group Object Class

    The LDAP group object class (typically groupofNames).

    Group Membership Attribute

    The attribute representing the user’s group membership. Do not use spaces in this name.

    Use Dynamic Groups

    Select this option if you want to use dynamic groups.

    Dynamic Group Object Class

    The LDAP dynamic group object class (typically dynamicGroup).

    eDirectory Certificates

    Keystore Path

    Required. Specify the full path to your keystore (cacerts) file of the JRE that the application server application server is using to run, or else click the small browser button and navigate to the cacerts file.

    The User Application installation modifies the keystore file. On Linux or Solaris, the user must have permission to write to this file.

    Keystore Password

    Confirm Keystore Password

    Required. Specify the cacerts password. The default is changeit.

    Private Key Store

    Private Keystore Path

    The private keystore contains the User Application’s private key and certificates. Reserved. If you leave this empty, this path is /jre/lib/security/cacerts by default.

    Private Keystore Password

    This password is changeit unless you specify otherwise. This password is encrypted, based on the master key.

    Private Key Alias

    This alias is novellIDMUserApp unless you specify otherwise.

    Private Key Password

    This password is nove1lIDM unless you specify otherwise. This password is encrypted, based on the master key.

    Trusted Key Store

    Trusted Store Path

    The Trusted Key Store contains all trusted signers’ certificates used to validate digital signatures. If this path is empty, the User Application gets the path from System property javax.net.ssl.trustStore. If the path isn’t there, it is assumed to be jre/lib/security/cacerts.

    Trusted Store Password

    If this field is empty, the User Application gets the password from System property javax.net.ssl.trustStorePassword. If the value is not there, changeit is used. This password is encrypted, based on the master key.

    Novell Audit Digital Signature and Certificate Key

     

    Contains the Novell Audit digital signature key and certificate.

     

    Novell Audit Digital Signature Certificate

    Displays the digital signature certificate.

     

    Novell Audit Digital Signature Private Key

    Displays the digital signature private key. This key is encrypted, based on the master key.

    iChain Settings

    ICS Logout Enabled

    If this option is selected, the User Application supports simultaneous logout of the User Application and either iChain or Novell Access Manager. The User Application checks for an iChain or Novell Access Manager cookie on logout and, if the cookie is present, reroutes the user to the ICS logout page.

    ICS Logout Page

    The URL to the iChain or Novell Access Manager logout page, where the URL is a hostname that iChain or Novell Access Manager expects. If ICS logging is enabled and a user logs out of the User Application, the user is rerouted to this page.

    Email

    Notify Template Host Token

    Specify the application server hosting the Identity Manager User Application. For example:

    myapplication serverServer

    This value replaces the $HOST$ token in e-mail templates. The URL that is constructed is the link to provisioning request tasks and approval notifications.

    Notify Template Port Token

    Used to replace the $PORT$ token in e-mail templates used in provisioning request tasks and approval notifications.

    Notify Template Secure Port Token

    Used to replace the $SECURE_PORT$ token in e-mail templates used in provisioning request tasks and approval notifications.

    Notify Template PROTOCOL token

    Refers to a non-secure protocol, HTTP. Used to replace the $PROTOCOL$ token in e-mail templates used in provisioning request tasks and approval notifications.

    Notify Template SECURE PROTOCOL token

    Refers to a secure protocol, HTTPS. Used to replace the $SECURE_PROTOCOL$ token in e-mail templates used in provisioning request tasks and approval notifications.

    Notification SMTP Email From:

    Specify e-mail from a user in provisioning e-mail.

    Notification SMTP Email Host:

    Specify the SMTP e-mail host that provisioning e-mail is using. This can be an IP address or a DNS name.

    Password Management

     

     

    Use External Password WAR

    This feature enables you to specify a Forgot Password page residing in an external Forgot Password WAR and a URL that the external Forgot Password WAR uses to call back the User Application through a Web service.

    If you select Use External Password WAR, you must supply values for Forgot Password Link and Forgot Password Return Link.

    If you do not select Use External Password WAR, IDM uses the default internal Password Management functionality, ./jsps/pwdmgt/ForgotPassword.jsf (without the http(s) protocol at the beginning). This redirects the user to the Forgot Password functionality built into the User Application, rather than to an external WAR.

    Forgot Password Link

    This URL points to the Forgot Password functionality page. Specify a ForgotPassword.jsf file in an external or internal password management WAR. For details, see Using Password WARs.

     

    Forgot Password Return Link

    If you are using an external password management WAR, supply the path that the external Password Management WAR uses to call back the User Application through Web Services, for example https://idmhost:sslport/idm.

    Miscellaneous

    Session Timeout

    The application session timeout.

    OCSP URI

    If the client installation uses the On-Line Certificate Status Protocol (OCSP), supply a Uniform Resource Identifier (URI). For example, the format is http://host:port/ocspLocal. The OCSP URI updates the status of trusted certificates online.

    Authorization Config Path

    Fully qualified name of the authorization configuration file.

    Container Object

    Selected

    Select each Container Object Type to use.

    Container Object Type

    Select from the following standard containers: locality, country, organizationalUnit, organization, and domain. You can also define your own containers in iManager and add them under Add a new Container Object.

    Container Attribute Name

    Lists the Attribute Type name associated with the Container Object Type.

    Add a New Container Object: Container Object Type

    Specify the LDAP name of an objectclass from the Identity Vault that can serve as a container.

    For information on containers, see the Novell iManager 2.6 Administration Guide .

    Add a New Container Object: Container Attribute Name

    Supply the attribute name of the container object.

    NOTE:You can edit most of the settings in this file after installation. To do so, run the configupdate.sh script or the Windows configupdate.bat file located in your installation subdirectory. Remember that in a cluster, the settings in this file must be identical for all members of the cluster.

  3. After you finish configuring the settings, click OK, then continue with Section 5.6.15, Verify Choices and Install

Using Password WARs

Use the Forgot Password Link configuration parameter to specify the location of a WAR containing Forgot Password functionality. You can specify a WAR that is external or internal to the User Application.

Specifying an External Password Management WAR

  1. Use either the install procedure or the configupdate utility.

  2. In the User Application configuration parameters, select the Use External Password WAR configuration parameter check box.

  3. For the Forgot Password Link configuration parameter, specify the location for the external password WAR.

    Include the host and port, for example http://localhost:8080/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf. An external password WAR can be outside the firewall protecting the User Application.

  4. For the Forgot Password Return Link, supply the path that the external Password Management WAR uses to call back the User Application through Web Services, for example https://idmhost:sslport/idm.

    The return link must use SSL to ensure secure Web Service communication to the User Application. See also Section 5.10.3, Configuring SSL Communication Between JBoss Servers.

  5. If you are using the installer, read the information in this step and proceed to Step 6.

    If you are using the configupdate utility to update the external password WAR in the installation root directory, read this step and manually rename the WAR to the first directory you specified in Forgot Password Link. Then, proceed to Step 6.

    Before the installation ends, the installer renames IDMPwdMgt.war (bundled with the installer) to the name of the first directory that you specify. The renamed IDMPwdMgt.war becomes your external password WAR. For example, if you specify http://www.idmpwdmgthost.com/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf, the installer renames IDMPwdMgt.war to ExternalPwd.war. The installer moves the renamed WAR into the installation root directory.

  6. Manually copy ExternalPwd.war to the remote JBoss server deploy directory that runs the external password WAR functionality.

Specifying an Internal Password Management WAR

  1. Do not select Use External Password WAR.

  2. Accept the default location for the Forgot Password Link, or supply a URL for another password WAR.

  3. Accept the default value for Forgot Password Return Link.

5.6.15 Verify Choices and Install

  1. Read the Pre-Install Summary page to verify your choices for the installation parameters.

  2. If necessary, use Back to return to earlier installation pages to change installation parameters.

    The User Application configuration page does not save values, so after you re-specify earlier pages in the installation, you must re-enter the User Application configuration values.

  3. When you are satisfied with your installation and configuration parameters, return to the Pre-Install Summary page and click Install.

5.6.16 View Log Files

  1. If your installation completed without error, go to Section 5.10, Post-Install Tasks.

  2. If the installation issued errors or warnings, review the log files to determine the problems:

    • Identity_Manager_User_Application_InstallLog.log holds results of the basic installation tasks

    • Novell-Custom-Install.log holds information about the User Application configuration done during installation

    For help solving problems, see Section 5.12, Troubleshooting.