IBM

Tivoli

Identity

Manager

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

Version

4.5.1

SC32-1147-03

���

IBM

Tivoli

Identity

Manager

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

Version

4.5.1

SC32-1147-03

���

Note:

Before

using

this

information

and

the

product

it

supports,

read

the

information

in

Appendix

H,

“Notices,”

on

page

139.

Fourth

Edition

(February

2004)

This

edition

applies

to

version

4.5.1

of

Tivoli

Identity

Manager

and

to

all

subsequent

releases

and

modifications

until

otherwise

indicated

in

new

editions.

This

edition

replaces

SC32-1147-02

©

Copyright

International

Business

Machines

Corporation

2004.

All

rights

reserved.

US

Government

Users

Restricted

Rights

–

Use,

duplication

or

disclosure

restricted

by

GSA

ADP

Schedule

Contract

with

IBM

Corp.

Contents

Preface

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. vii

Who

Should

Read

This

Book

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. vii

Publications

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. vii

Tivoli

Identity

Manager

Library

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. vii

Prerequisite

Product

Publications

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. viii

Related

Publications

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. ix

Accessing

Publications

Online

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. ix

Accessibility

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. ix

Contacting

Software

Support

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. x

Conventions

Used

in

this

Book

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. x

Typeface

Conventions

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. x

Operating

System

Differences

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. x

Revision

Bars

used

in

the

Version

4.5.1

Library

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. x

Definitions

for

HOME

Directory

Variables

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. x

Chapter

1.

Introduction

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 1

Hardware

and

Software

Requirements

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 1

Using

the

4.5.1

Installation

Image

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 1

Upgrading

an

Existing

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 1

Installing

Tivoli

Identity

Manager

Version

4.5.1

on

a

New

Computer

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 2

Chapter

2.

Configuration

Overview

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 3

WebSphere

Application

Server

Terminology

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 3

Single-Server

Configurations

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 4

Cluster

Configurations

for

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 6

Tivoli

Identity

Manager

Server

Tiers

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 7

Single-cluster

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 7

Functional

Cluster

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 8

Java

Message

Service

and

Other

Server

Processes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 10

WebSphere

Environment

Limitations

using

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 10

Chapter

3.

Database

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 11

IBM

DB2

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 11

Ensuring

Communication

and

Configuring

the

Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 11

Configuring

the

IBM

DB2

JDBC

Driver

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 14

Configuring

IBM

DB2

Version

7.1

and

7.2

for

a

JDBC

Type

2

Driver

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 16

Sourcing

the

IBM

DB2

Profile

on

Each

Cluster

Member

Computer

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 17

Example:

Expanding

Values

for

DB2

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 17

Oracle

Installation

and

Configuration

for

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 17

Preparing

to

Install

Oracle

on

AIX

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 18

Preparing

to

Install

Oracle

on

Solaris

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 20

Preparing

to

Install

Oracle

on

HP-UX

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 21

Preparing

to

Install

Oracle

on

Linux

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 22

Preparing

to

Install

Oracle

on

Windows

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 22

Configuring

Oracle

after

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 22

Chapter

4.

Directory

Server

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 25

IBM

Directory

Server

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 25

Specify

the

Suffix

for

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 26

Configure

the

Referential

Integrity

Plug-in

for

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

. 26

Restart

the

Directory

Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 28

Create

the

LDAP

Suffix

Object

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 29

Handling

Threads

Limitations

for

IBM

Directory

Server

5.2

on

Windows

.

.

.

.

.

.

.

.

.

.

.

.

.

. 30

Using

Version

5.1

and

WebSphere

Application

Server

on

the

Same

Computer

.

.

.

.

.

.

.

.

.

.

.

.

. 30

©

Copyright

IBM

Corp.

2004

iii

||||||

||||

||

Sun

ONE

Directory

Server

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 31

Chapter

5.

Single-server

Installation:

Tivoli

Identity

Manager

Server

.

.

.

.

.

.

.

.

. 33

Before

You

Begin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 33

Resolving

Port

Problems

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 35

Information

Worksheet

for

Single-Server

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 36

Database

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 36

Directory

Server

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 37

WebSphere

Application

Server

Information

for

Single-Server

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

. 38

IBM

HTTP

Server

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 39

Tivoli

Identity

Manager

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 40

Installing

Tivoli

Identity

Manager

Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 40

Navigate

Initial

Welcome

and

Licensing

Windows

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 42

Select

the

Installation

Type

and

Installation

Directory

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 43

Select

the

Database

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 44

Complete

the

Windows

for

a

Single-server

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 44

Specify

WebSphere

Global

Security

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 45

Specify

an

Encryption

Key

and

Read

the

Pre-Installation

Summary

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 47

Installation

Progress

and

Additional

Configuration

Activities

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 48

Logs

and

Directories

for

Single-Server

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 54

Complete

Security

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 55

Using

runConfig

after

Installing

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 55

Optionally

Installing

a

Language

Pack

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 56

Testing

Tivoli

Identity

Manager

Server

Communication

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 56

Server-Agent

Communication

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 57

Chapter

6.

Cluster

Installation:

Tivoli

Identity

Manager

Server

.

.

.

.

.

.

.

.

.

.

.

. 59

Before

You

Begin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 59

Resolving

Port

Problems

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 60

Creating

Clusters

Using

Network

Deployment

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 61

Information

Worksheet

for

Cluster

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 62

Database

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 62

Directory

Server

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 63

WebSphere

Application

Server

Information

for

Cluster

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 64

Tivoli

Identity

Manager

Information

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 65

Installing

Tivoli

Identity

Manager

Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 66

Navigate

Initial

Welcome

and

Licensing

Windows

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 68

Select

the

Installation

Type

and

Default

Installation

Directory

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 69

Select

the

Database

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 70

Complete

the

Sequence

for

Cluster

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 70

Specify

WebSphere

Global

Security

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 73

Specify

an

Encryption

Key

and

Read

the

Pre-Installation

Summary

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 75

Installation

Progress

and

Additional

Configuration

Activities

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 76

Logs

and

Directories

for

Cluster

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 82

Complete

Security

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 83

Using

runConfig

after

Installing

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 83

Optionally

Installing

a

Language

Pack

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 83

Optionally,

Define

HTTP

Session

Persistence

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 84

Verify

Transaction

Service

Settings

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 84

Update

the

Web

Server

Plug-in

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 84

Start

Clusters

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 84

Testing

Tivoli

Identity

Manager

Server

Communication

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 84

Server-Agent

Communication

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 86

Adding

or

Removing

Cluster

Members

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 86

Expanding

a

Cluster

Using

a

New

Computer

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 87

Expanding

a

Cluster

Using

the

Same

Computer

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 87

Removing

a

Cluster

Member

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 87

Appendix

A.

Installation

Images

as

Compact

Discs

and

Fix

Packs

.

.

.

.

.

.

.

.

.

. 89

Recommended

WebSphere

Interim

Fix

PQ77521

Not

on

CDs

or

on

4.5.1

Installation

Image

.

.

.

.

.

.

.

.

. 89

iv

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

Obtaining

4.5.1

Fix

Packs

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 89

Version

4.5.0

Compact

Discs

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 90

Language

Packs

CD

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 90

Base

Code

Solaris

CD

for

Tivoli

Identity

Manager

using

WebSphere

Application

Server

.

.

.

.

.

.

.

.

. 90

Base

Code

Solaris

CD

for

Tivoli

Identity

Manager

for

non-IBM

Application

Servers

.

.

.

.

.

.

.

.

.

. 90

Supplemental

Solaris

CD

1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 91

Supplemental

Solaris

CD

2

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 91

Supplemental

Solaris

CD

3

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 91

Supplemental

Solaris

CD

4

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 91

Base

Code

AIX

CD

for

Tivoli

Identity

Manager

using

WebSphere

Application

Server

.

.

.

.

.

.

.

.

.

. 92

Base

Code

AIX

CD

for

Tivoli

Identity

Manager

for

non-IBM

Application

Servers

.

.

.

.

.

.

.

.

.

.

. 92

Supplemental

AIX

CD

1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 92

Supplemental

AIX

CD

2

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 93

Supplemental

AIX

CD

3

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 93

Base

Code

HP-UX

CD

for

Tivoli

Identity

Manager

for

non-IBM

Application

Servers

.

.

.

.

.

.

.

.

.

. 93

Base

Code

Windows

2000

CD

for

Tivoli

Identity

Manager

using

WebSphere

Application

Server

.

.

.

.

.

. 93

Base

Code

Windows

2000

CD

for

Tivoli

Identity

Manager

for

non-IBM

Application

Servers

.

.

.

.

.

.

. 94

Supplemental

Windows

2000

CD

1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 94

Supplemental

Windows

2000

CD

2

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 94

Supplemental

Windows

2000

CD

3

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 95

Supplemental

Windows

2000

CD

4

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 95

Appendix

B.

Preparing

the

WebSphere

Environment

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 97

Preparing

for

WebSphere

Application

Server

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 97

Ensuring

Messaging

Support

User

and

Groups

are

Specified

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 97

Installing

WebSphere

Application

Server

on

Solaris

9

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 101

Installing

WebSphere

Application

Server

on

AIX

5.2

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 101

Using

an

Existing

WebSphere

MQ

Version

5.3

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 101

Validating

Availability

of

Port

9090

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 101

Configuring

Tivoli

Identity

Manager

Clusters

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 102

Installing

WebSphere

Application

Server

Network

Deployment

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 102

Installing

IBM

HTTP

Server

and

WebSphere

Web

Server

Plugin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 103

Generating

the

WebSphere

Web

Server

Plugin

Configuration

File

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 104

Installing

Base

on

Each

Node

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 105

Add

Nodes

to

a

Cell

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 105

Restarting

the

Node

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 106

Create

a

Cluster

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 106

Ensure

that

Network

Deployment

Manager

and

Node

Agents

are

Running

.

.

.

.

.

.

.

.

.

.

.

.

. 106

Configuring

WebSphere

Application

Server

Transaction

Service

Settings

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 107

Appendix

C.

Security

Considerations

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 109

J2EE

Security

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 109

Configuring

Security

for

Single-Node

Deployment

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 109

Configuring

Security

for

Multi-Node

Deployment

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 112

Disabling

J2EE

Security

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 115

Alternatives

in

Configuring

the

HTTP

Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 115

Appendix

D.

Upgrading

from

Tivoli

Identity

Manager

4.3

to

Tivoli

Identity

Manager

4.5,

and

then

to

4.5.1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 119

Before

You

Begin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 119

Upgrading

from

Tivoli

Identity

Manager

4.3

Using

WebLogic

to

Tivoli

Identity

Manager

4.5

Using

WebLogic

.

. 120

Installing

Tivoli

Identity

Manager

Version

4.5

using

WebSphere

Application

Server

.

.

.

.

.

.

.

.

.

.

. 121

Configuring

the

New

Installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 122

Upgrading

Version

4.5

to

4.5.1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 122

Appendix

E.

Upgrading

from

Tivoli

Identity

Manager

Version

4.4.x

to

4.5,

and

then

to

4.5.1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 123

Before

You

Begin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 123

Upgrading

a

Single-Server

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 125

Upgrading

Tivoli

Identity

Manager

4.4.x

to

4.5

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 125

Contents

v

||

||||

||

Upgrading

a

Cluster

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 126

Upgrading

Tivoli

Identity

Manager

4.4.x

to

4.5

for

the

Network

Deployment

Manager

System

.

.

.

.

.

. 127

Upgrading

Tivoli

Identity

Manager

4.4.x

to

4.5

for

the

Member

System

.

.

.

.

.

.

.

.

.

.

.

.

.

. 128

Upgrading

Version

4.5

to

4.5.1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 130

Appendix

F.

Upgrading

from

Tivoli

Identity

Manager

Version

4.5

to

4.5.1

.

.

.

.

.

.

. 131

Before

You

Begin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 131

Upgrading

a

Single-Server

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 132

Upgrading

a

Cluster

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 133

Upgrading

Tivoli

Identity

Manager

4.5

to

4.5.1

for

the

Network

Deployment

Manager

System

.

.

.

.

.

. 133

Upgrading

Tivoli

Identity

Manager

4.5

to

4.5.1

for

the

Member

System

.

.

.

.

.

.

.

.

.

.

.

.

.

. 134

Appendix

G.

Uninstalling

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 135

Before

You

Begin

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 135

Steps

to

Uninstall

Tivoli

Identity

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 136

WebSphere

Environment

Variable

ORACLE_JDBC_DRIVER_PATH

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 137

Appendix

H.

Notices

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 139

Trademarks

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 140

Glossary

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 143

Index

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 147

vi

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

||

||||||||||||

||

Preface

The

IBM

®

Tivoli

®

Identity

Manager

Server

Installation

Guide

on

UNIX

using

WebSphere®

describes

how

to

install

and

configure

the

Tivoli

Identity

Manager

Server

on

a

UNIX

server

to

manage

resources

from

a

central

location.

Who

Should

Read

This

Book

This

manual

is

intended

for

system

and

security

administrators

who

install,

maintain,

or

administer

software

on

their

site’s

computer

systems.

Readers

are

expected

to

understand

system

and

security

administration

concepts.

Additionally,

the

reader

should

understand

administration

concepts

for

the

following:

v

Directory

server

v

Database

server

v

WebSphere®

embedded

messaging

support

v

WebSphere

Application

Server

or

WebLogic

v

IBM

HTTP

Servers

Publications

Read

the

descriptions

of

the

Tivoli

Identity

Manager

library,

the

prerequisite

publications,

and

the

related

publications

to

determine

which

publications

you

might

find

helpful.

After

you

determine

the

publications

you

need,

refer

to

the

instructions

for

accessing

publications

online.

Tivoli

Identity

Manager

Library

The

publications

in

the

Tivoli

Identity

Manager

technical

documentation

library

are

organized

into

the

following

categories:

v

Release

Information

v

Online

User

Assistance

v

Server

Installation

v

Administration

and

Configuration

v

Technical

Supplements

v

Agent

Installation

Release

Information:

v

IBM

Tivoli

Identity

Manager

Release

Notes

Provides

software

and

hardware

requirements

for

Tivoli

Identity

Manager,

and

additional

fix,

patch,

and

other

support

information.

v

Tivoli

Identity

Manager

Read

This

First

Card

Online

User

Assistance:

v

Online

user

assistance

for

Tivoli

Identity

Manager

Provides

integrated

online

help

topics

for

all

Tivoli

Identity

Manager

administrative

tasks.

Server

Installation:

©

Copyright

IBM

Corp.

2004

vii

|||

v

IBM

Tivoli

Identity

Manager

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

Provides

installation

information

for

Tivoli

Identity

Manager.

v

IBM

Tivoli

Identity

Manager

Server

Installation

Guide

on

Windows

using

WebSphere

Provides

installation

information

for

Tivoli

Identity

Manager.

v

IBM

Tivoli

Identity

Manager

Server

Installation

Guide

on

UNIX

using

WebLogic

Provides

installation

information

for

Tivoli

Identity

Manager.

v

IBM

Tivoli

Identity

Manager

Server

Installation

Guide

on

Windows

2000

using

WebLogic

Provides

installation

information

for

Tivoli

Identity

Manager.

Administration

and

Configuration:

v

IBM

Tivoli

Identity

Manager

Policy

and

Organization

Administration

Guide

Provides

topics

for

Tivoli

Identity

Manager

administrative

tasks.

v

IBM

Tivoli

Identity

Manager

End

User

Guide

Provides

beginning

user

information

for

Tivoli

Identity

Manager.

v

IBM

Tivoli

Identity

Manager

Configuration

Guide

Provides

configuration

information

for

single-server

and

cluster

Tivoli

Identity

Manager

configurations.

Technical

Supplements:

v

IBM

Tivoli

Identity

Manager

Problem

Determination

Guide

Provides

additional

problem

solving

information

for

the

Tivoli

Identity

Manager

product.

Agent

Installation:

v

The

Tivoli

Identity

Manager

technical

documentation

library

also

includes

an

evolving

set

of

platform-specific

installation

documents

for

the

Agent

component

of

a

Tivoli

Identity

Manager

implementation.

Prerequisite

Product

Publications

To

use

the

information

in

this

book

effectively,

you

must

have

knowledge

of

the

products

that

are

prerequisites

for

Tivoli

Identity

Manager.

Publications

are

available

from

the

following

locations:

v

WebSphere

Application

Server

http://www.ibm.com/software/webservers/appserv/support.html

Note:

The

following

brief

list

of

Redbooks

describes

installing

and

configuring

WebSphere

Application

Server

and

providing

additional

security.

Although

the

list

was

current

when

this

publication

went

to

production,

publications

may

become

obsolete.

Contact

your

customer

representative

for

a

recommended

list

of

resource

information.

–

IBM

WebSphere

Application

Server

V5.0

System

Management

and

Configuration,

an

IBM

Redbook

–

IBM

WebSphere

Application

Server

V5.0

Security,

an

IBM

Redbookv

Database

servers

–

IBM

DB2

http://www.ibm.com/software/data/db2/udb/support.html

http://www.ibm.com/software/data/db2

viii

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

http://www-4.ibm.com/software/webservers/appserv/support.htmlhttp://www-4.ibm.com/software/data/db2/udb/support.htmlhttp://www.ibm.com/software/data/db2

–

Oracle

http://otn.oracle.com/tech/index.htmlv

Directory

server

applications

–

IBM

Directory

Server

http://www.ibm.com/software/network/directory

–

Sun

ONE

Directory

Server

http://wwws.sun.com/software/products/directory_srvr/5.1/index.htmlv

WebSphere

embedded

messaging

support

(or

IBM

MQSeries)

http://www.ibm.com/software/ts/mqseries

v

Web

Proxy

Server

–

IBM

HTTP

Server

http://www.ibm.com/software/webservers/httpservers/library.html

Related

Publications

Information

related

to

Tivoli

Identity

Manager

Server

is

available

in

the

following

publications:

v

The

Tivoli

Software

Library

provides

a

variety

of

Tivoli

publications

such

as

white

papers,

datasheets,

demonstrations,

redbooks,

and

announcement

letters.

The

Tivoli

Software

Library

is

available

on

the

Web

at:

http://www.ibm.com/software/tivoli/library/

v

The

Tivoli

Software

Glossary

includes

definitions

for

many

of

the

technical

terms

related

to

Tivoli

software.

The

Tivoli

Software

Glossary

is

available,

in

English

only,

from

the

Glossary

link

on

the

left

side

of

the

Tivoli

Software

Library

Web

page

at:

http://www.ibm.com/software/tivoli/library/

Accessing

Publications

Online

The

publications

for

this

product

are

available

online

in

Portable

Document

Format

(PDF)

or

Hypertext

Markup

Language

(HTML)

format,

or

both

in

the

Tivoli

software

library:

http://www.ibm.com/software/tivoli/library

To

locate

product

publications

in

the

library,

click

the

Product

manuals

link

on

the

left

side

of

the

library

page.

Then,

locate

and

click

the

name

of

the

product

on

the

Tivoli

software

information

center

page.

Product

publications

include

release

notes,

installation

guides,

user’s

guides,

administrator’s

guides,

and

developer’s

references.

Note:

To

ensure

proper

printing

of

PDF

publications,

select

the

Fit

to

page

check

box

in

the

Adobe

Acrobat

Print

window

(which

is

available

when

you

click

File

→

Print).

Accessibility

The

product

documentation

includes

the

following

features

to

aid

accessibility:

v

Documentation

is

available

in

both

HTML

and

convertible

PDF

formats

to

give

the

maximum

opportunity

for

users

to

apply

screen-reader

software.

v

All

images

in

the

documentation

are

provided

with

alternative

text

so

that

users

with

vision

impairments

can

understand

the

contents

of

the

images.

Preface

ix

http://otn.oracle.com/tech/index.htmlhttp://www.ibm.com/software/network/directoryhttp://wwws.sun.com/software/products/directory_srvr/5.1/index.htmlhttp://www-4.ibm.com/software/ts/mqserieshttp://www-3.ibm.com/software/webservers/httpservers/library.htmlhttp://www.ibm.com/software/tivoli/library/http://www.ibm.com/software/tivoli/library/http://www.ibm.com/software/tivoli/library/

Contacting

Software

Support

Before

contacting

IBM

Tivoli

Software

Support

with

a

problem,

refer

to

the

IBM

Tivoli

Software

Support

site

by

clicking

the

Tivoli

support

link

at

the

following

Web

site:

http://www.ibm.com/software/support/

If

you

need

additional

help,

contact

software

support

by

using

the

methods

described

in

the

IBM

Software

Support

Guide

at

the

following

Web

site:

http://techsupport.services.ibm.com/guides/handbook.html

The

guide

provides

the

following

information:

v

Registration

and

eligibility

requirements

for

receiving

support

v

Telephone

numbers,

depending

on

the

country

in

which

you

are

located

v

A

list

of

information

you

should

gather

before

contacting

customer

support

Conventions

Used

in

this

Book

This

reference

uses

several

conventions

for

special

terms

and

actions

and

for

operating

system-dependent

commands

and

paths.

Typeface

Conventions

The

following

typeface

conventions

are

used

in

this

reference:

Bold

Lowercase

commands

or

mixed

case

commands

that

are

difficult

to

distinguish

from

surrounding

text,

keywords,

parameters,

options,

names

of

Java

classes,

and

objects

are

in

bold.

Italic

Variables,

titles

of

publications,

and

special

words

or

phrases

that

are

emphasized

are

in

italic.

Monospace

Code

examples,

command

lines,

screen

output,

file

and

directory

names

that

are

difficult

to

distinguish

from

surrounding

text,

system

messages,

text

that

the

user

must

type,

and

values

for

arguments

or

command

options

are

in

monospace.

Operating

System

Differences

This

book

uses

the

UNIX

convention

for

specifying

environment

variables

and

for

directory

notation.

When

using

the

Windows

command

line,

replace

$variable

with

%variable%

for

environment

variables

and

replace

each

forward

slash

(/)

with

a

backslash

(\)

in

directory

paths.

If

you

are

using

the

bash

shell

on

a

Windows

system,

you

can

use

the

UNIX

conventions.

Revision

Bars

used

in

the

Version

4.5.1

Library

The

Tivoli

Identity

Manager

version

4.5.1

technical

documentation

library

makes

use

of

revision

bar

characters

to

indicate

where

technical

changes

have

occurred

to

the

information

previously

found

in

the

version

4.5

library.

Revision

bars

are

indicated

by

a

vertical

line

(

|

)

in

the

page

margin

to

the

left

of

the

change.

Definitions

for

HOME

Directory

Variables

The

following

table

contains

the

default

definitions

used

in

this

document

to

represent

the

″HOME″

directory

level

for

various

product

installation

paths.

You

x

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

http://www.ibm.com/software/support/http://techsupport.services.ibm.com/guides/handbook.html

can

customize

the

installation

directory

and

HOME

directory

for

your

specific

implementation.

If

this

is

the

case,

you

need

to

make

the

appropriate

substitution

for

the

definition

of

each

variable

represented

in

this

table.

Path

Variable

Default

Definition

ITIM_HOME

Windows:

c:\itim45\

UNIX:

/itim45/

WAS_HOME

Windows:

C:\Program

Files\WebSphere\AppServer\

UNIX:

/opt/WebSphere/AppServer/

WAS_NDM_HOME

Windows:

C:\Program

Files\WebSphere\DeploymentManager\

UNIX:

/opt/WebSphere/DeploymentManager/

Preface

xi

xii

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

Chapter

1.

Introduction

This

manual

describes

installing,

initially

configuring,

and

verifying

the

Tivoli

Identity

Manager

Server

on

either

a

single-server

or

cluster

configuration.

Use

the

installation

documentation

that

matches

the

operating

system

and

Web

application

on

your

system.

There

is

also

a

Tivoli

Identity

Manager

Server

Installation

Guide

for

Windows

using

WebSphere.

Major

steps

to

install

and

begin

to

use

the

Tivoli

Identity

Manager

Server

vary

depending

on

whether

installation

is

for

a

single-server

or

cluster

configuration,

and

whether

a

pre-existing

WebSphere

Application

Server

is

used.

An

overview

of

steps

includes

the

following:

1.

Determining

whether

your

configuration

should

be

a

single

server

or

requires

a

more

scalable

cluster

or

functional

cluster

solution,

described

in

Chapter

2,

“Configuration

Overview,”

on

page

3.

2.

Installing

and

configuring

a

database

described

in

Chapter

3,

“Database

Configuration,”

on

page

11.

3.

Installing

and

configuring

a

directory

server,

described

in

Chapter

4,

“Directory

Server

Configuration,”

on

page

25.

4.

For

a

single-server

configuration,

installing

Tivoli

Identity

Manager

Server,

described

in

Chapter

5,

“Single-server

Installation:

Tivoli

Identity

Manager

Server,”

on

page

33.

5.

For

a

cluster

configuration,

doing

the

following:

v

Installing

and

configuring

prerequisite

WebSphere

Application

Server

support

described

in

Appendix

B,

“Preparing

the

WebSphere

Environment,”

on

page

97.

v

Creating

clusters

and

installing

Tivoli

Identity

Manager

Server,

described

in

Chapter

6,

“Cluster

Installation:

Tivoli

Identity

Manager

Server,”

on

page

59.

Note:

You

must

manually

install

the

required

fix

packs

for

a

cluster

configuration.

Hardware

and

Software

Requirements

For

a

list

of

software

and

hardware

requirements,

refer

to

the

IBM

Tivoli

Identity

Manager

Release

Notes.

Using

the

4.5.1

Installation

Image

Tivoli

Identity

Manager

Server

at

version

4.5.1

is

provided

on

Compact

Discs

(CDs)

for

new

platforms

(Linux,

HP-UX,

and

Windows

2003).

It

is

also

provided

on

fix

packs

for

platforms

that

are

supported

by

Tivoli

Identity

Manager

4.5.0

(AIX,

Solaris,

and

Windows

2000).

For

more

information,

see

Appendix

A,

“Installation

Images

as

Compact

Discs

and

Fix

Packs,”

on

page

89.

Upgrading

an

Existing

Tivoli

Identity

Manager

Use

the

Tivoli

Identity

Manager

version

4.5.1

fix

pack

installation

program

to

upgrade

an

existing

Tivoli

Identity

Manager

version

4.5.0.

©

Copyright

IBM

Corp.

2004

1

|

|||||

|

||

The

upgrade

steps

will

vary,

depending

on

the

previous

version

of

Tivoli

Identity

Manager.

For

more

information,

refer

to

the

appendixes

in

this

publication

that

describe

upgrading

Tivoli

Identity

Manager.

Installing

Tivoli

Identity

Manager

Version

4.5.1

on

a

New

Computer

To

install

Tivoli

Identity

Manager

on

a

new

computer

with

no

previous

instance

of

Tivoli

Identity

Manager:

v

For

new

platforms,

new

CDs

provide

the

Tivoli

Identity

Manager

version

4.5.1

installation

program,

required

middleware,

fix

packs,

and

files.

v

For

platforms

supported

at

version

4.5.0,

fix

packs

provide

Tivoli

Identity

Manager

version

4.5.1.

Use

the

existing

version

4.5.0

CDs

for

all

required

middleware,

fix

packs,

and

files.

2

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

|||

|

|

||

||

|||

Chapter

2.

Configuration

Overview

Tivoli

Identity

Manager

servers

in

a

WebSphere

Application

Server

environment

are

organized

in

either

a

single-server

configuration

or

a

cluster

configuration.

This

section

provides

a

brief,

high-level

description

of

configuration

options

and

an

overview

of

their

implementation

sequences.

Subsequent

chapters

provide

greater

implementation

detail.

Notes:

1.

Sample

configurations

in

this

chapter

require

a

number

of

prior

planning

activities

before

taking

the

steps

that

install

and

configure

this

product.

For

additional

documentation

that

describes

planning

to

meet

your

business

needs,

contact

your

customer

representative.

2.

For

additional

information

about

the

WebSphere

Application

Server

products,

refer

to

additional

documentation

cited

in

“Prerequisite

Product

Publications”

on

page

viii.

3.

Fix

packs

are

required

for

most

middleware

that

Tivoli

Identity

Manager

uses.

For

more

information,

refer

to

the

IBM

Tivoli

Identity

Manager

Release

Notes.

WebSphere

Application

Server

Terminology

The

following

terms

describe

elements

in

WebSphere

Application

Server

configurations:

cell

The

administrative

domain

that

a

Deployment

Manager

manages.

A

cell

is

a

logical

grouping

of

nodes

that

enables

common

administative

activities

in

a

WebSphere

Application

Server

distributed

environment.

A

cell

can

have

one

or

many

clusters.

node

A

node

is

a

logical

group

of

one

or

more

application

servers

on

a

physical

computer.

The

node

name

is

unique

within

the

cell.

A

node

name

usually

is

identical

to

the

host

name

for

the

computer.

That

is,

a

node

usually

corresponds

to

a

physical

computer

system

with

a

distinct

IP

address.

application

server

The

application

server

is

the

primary

component

of

WebSphere.

The

server

runs

a

Java

virtual

machine,

providing

the

runtime

environment

for

the

application’s

code.

The

application

server

provides

containers

that

specialize

in

enabling

the

execution

of

specific

Java

application

components.

Network

Deployment

Manager

The

administrative

process

used

to

provide

a

centralized

management

view

and

control

for

all

elements

in

a

WebSphere

Application

Server

distributed

cell,

including

the

management

of

clusters.

The

Network

Deployment

Manager

is

responsible

for

the

contents

of

the

repositories

on

each

of

the

nodes.

The

Network

Deployment

Manager

manages

this

through

communication

with

node

agent

processes

on

each

node

of

the

cell.

node

agent

A

node

agent

manages

all

managed

processes

on

a

WebSphere

Application

Server

on

a

node

by

communicating

with

the

Network

Deployment

Manager

to

coordinate

and

synchronize

the

configuration.

A

node

agent

performs

management

operations

on

behalf

of

the

Network

Deployment

©

Copyright

IBM

Corp.

2004

3

Manager.

The

node

agent

represents

the

node

in

the

management

cell.

Node

agents

are

installed

with

WebSphere

Application

Server

base,

but

are

not

required

until

the

node

is

added

to

a

cell

in

a

Network

Deployment

environment.

cluster

A

logical

grouping

of

one

or

more

functionally

identical

application

server

processes.

A

cluster

provides

ease

of

deployment,

configuration,

workload

balancing,

and

fallback

redundancy.

A

cluster

is

a

collection

of

servers

working

together

as

a

single

system

to

ensure

that

mission-critical

applications

and

resources

remain

available

to

clients.

Clusters

provide

scalability.

For

more

information,

refer

to

additional

documentation

that

customer

support

may

provide

that

describes

vertical

and

horizontal

clustering

in

the

WebSphere

Application

Server

distributed

environment.

cluster

member

An

instance

of

a

WebSphere

Application

Server

in

a

cluster.

WebSphere

Web

Server

plug-in

The

WebSphere

Web

Server

plug-in

is

a

component

installed

onto

an

HTTP

server

to

take

incoming

requests

and

transport

them

to

the

appropriate

Web

container

in

a

cluster.

The

behavior

of

the

plug-in

is

governed

by

the

plugin-cfg.xml

file.

The

plug-in

allows

the

Web

server

to

communicate

requests

for

dynamic

content,

such

as

servlets,

to

the

application

server.

Single-Server

Configurations

A

single-server

configuration

might

install

WebSphere

Application

Server

base

and

other

required

applications

on

one

physical

computer.

The

Tivoli

Identity

Manager

Server

provides

both

user

interface

and

workflow

processing.

4

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

The

configuration

on

one

computer

requires

the

following:

v

A

database

to

store

transactional

information

v

A

directory

server

v

WebSphere

Application

Server

base

v

Tivoli

Identity

Manager

Server

v

An

HTTP

server

such

as

IBM

HTTP

Server

and

a

WebSphere

Web

Server

plug-in.

For

a

basic

definition

of

WebSphere

Web

Server

plug-in,

see

“WebSphere

Application

Server

Terminology”

on

page

3.

For

more

information

on

configuring

the

WebSphere

Web

Server

plug-in,

see

“Alternatives

in

Configuring

the

HTTP

Server”

on

page

115.

Optionally,

you

can

install

the

instance

of

WebSphere

Application

Server

base

and

Tivoli

Identity

Manager

Server

on

one

physical

computer

and

install

all

other

required

applications

on

one

or

more

additional

computers.

Note:

For

additional

manual

configuration

steps

required

if

you

install

IBM

Directory

Server

version

5.1

on

the

same

computer

that

has

WebSphere

Application

Server,

see

“Using

Version

5.1

and

WebSphere

Application

Server

on

the

Same

Computer”

on

page

30.

WebSpherebase

Tivoli IdentityManager Server

HTTP Server

Web Serverplugin

DirectoryServer

TivoliIdentity

ManagerDatabase

Figure

1.

Single-server

configuration

on

one

physical

computer

Chapter

2.

Configuration

Overview

5

The

computer

that

has

the

Tivoli

Identity

Manager

Server

requires

the

following:

v

WebSphere

Application

Server

base

v

A

JDBC

driver

(the

database

client)

The

additional

computers

have

the

following:

v

A

database

to

store

transactional

information

v

A

directory

server

v

An

HTTP

server

such

as

IBM

HTTP

Server

and

the

WebSphere

Web

Server

plug-in

For

more

information,

see

Chapter

5,

“Single-server

Installation:

Tivoli

Identity

Manager

Server,”

on

page

33.

Cluster

Configurations

for

Tivoli

Identity

Manager

Cluster

configurations

for

Tivoli

Identity

Manager

specify

one

of

the

following:

v

“Single-cluster

Configuration”

on

page

7

v

“Functional

Cluster

Configuration”

on

page

8

Note:

In

a

clustered

environment

(either

a

regular

or

functional

cluster),

the

name

of

the

installation

directory

must

be

the

same

for

all

cluster

members.

Specify

an

identical

directory

to

avoid

later

runtime

difficulties

in

certificate

recognition

or

in

HR

feed

activities

on

different

cluster

member

computers.

For

example,

specify

/itim45

as

the

directory

on

all

cluster

member

computers.

Additionally,

the

DSML

identity

feed

input

files

and

certificate

files

must

be

present

and

in

the

same

directory

on

each

node.

For

more

information

on

configuring

clusters,

see

“Creating

Clusters

Using

Network

Deployment

Manager”

on

page

61.

For

release

levels

and

fix

pack

specifications,

refer

to

the

IBM

Tivoli

Identity

Manager

Release

Notes.

WebSpherebase

JDBC driver

Tivoli IdentityManager Server

DirectoryServer

HTTPServer

Web Serverplugin

TivoliIdentity

ManagerDatabase

Figure

2.

Single-server

configuration

on

multiple

physical

computers

6

IBM

Tivoli

Identity

Manager:

Server

Installation

Guide

on

UNIX

and

Linux

using

WebSphere

|||||||

Notes:

1.

In

the

following

illustrations,

each

box

shape

represents

one

WebSphere

node

on

one

physical

computer.

It

is

recommended

that

only

one

node

be

created

on

one

computer.

2.

If

you

install

IBM

Directory

Server

version

5.1

on

the

same

computer

that

has

WebSphere

Application

Server,

see

“Using

Version

5.1

and

WebSphere

Application

Server

on

the

Same

Computer”

on

page

30

for

additional

manual

steps

that

are

required.

Tivoli

Identity

Manager

Server

Tiers

As

provided

by

Tivoli

Identity

Manager

Server,

a

tier

is

a

subset

of

functions,

such

as

the

functions

that

handle

user

interface

activity

or

the

functions

that

handle

workflow

activity.

Tivoli

Identity

Manager

Server

can

be

installed

as

a

multi-tiered

server

that

enables

you

to

allocate

the

function