Symantec Privileged Access Management

Tech Tip - CA Privileged Identity Manager:  Installing ControlMinder 12.9 on RHEL 6 and configure AD as userstore

  • 1.  Tech Tip - CA Privileged Identity Manager:  Installing ControlMinder 12.9 on RHEL 6 and configure AD as userstore

    Posted 11-02-2015 07:33 PM

    Reference :Installing ControlMinder 12.9 on RHEL 6 and configure AD as userstore for AdminUI

     

    This is a step by step procedure to install PIM 12.9 on RHEL 6.6
    Follow the instruction on "CA ControlMinder Implementation Guide" "Chapter 3. Installing the Enterprise Management Server"

    1. Mount the 3rd party ISO(DVD04091143E.iso)
    2. "# uname -m" to determine the OS architecture (to determine if you should 32bit or 64bit jdk)
    3. Install jdk from the matching architecture folder. (It will be installed to /usr/java/jdk1.7.0_71)
    1.png
    4. Create /etc/profile.d/java.sh
      export PATH=/usr/java/jdk1.7.0_71/bin:$PATH:
    5. Extract JBOSS
    • cd /opt/
    • unzip jboss-4.2.3.GA.zip

    6. Configure JBOSS (to prevent port conflict with tomcat which will be installed later)

    • /opt/jboss-4.2.3.GA/server/default/deploy/jboss-web.deployer/server.xml (Modify the port 8080 to 18080 and 8443 to 18443)

    2.png3.png

    • /opt/jboss-4.2.3.GA/server/default/conf/jboss-minimal.xml

    4.png5.png

    • /opt/jboss-4.2.3.GA/server/default/conf/jboss-service.xml
    6.png
    7.png
    7. Configure the JBOSS to startup automatically (https://community.jboss.org/wiki/startjbossonbootwithlinux)
    It is better to copy the following content in the box and paste in the vi. If you manually type, the quotes can cause problem.

    # vi /etc/rc.d/init.d/jboss
    #! /bin/sh
    start(){
         echo "Starting jboss.."
         /opt/jboss-4.2.3.GA/bin/run.sh > /dev/null 2> /dev/null &
    }
    stop(){
         echo "Stopping jboss.."
         /opt/jboss-4.2.3.GA/bin/shutdown.sh -S &
    }
    restart(){
         stop
         sleep 60
         killall java
         start
    }
    case "$1" in
      start)
            start
            ;;
      stop)
            stop
            ;;
      restart)
            restart
            ;;
      *)
            echo "Usage: jboss {start|stop|restart}"
            exit 1
    esac
    exit 0
    # ln -s /etc/rc.d/init.d/jboss /etc/rc3.d/S84jboss

    8. Set the ulimit to 10000 to prevent error during installation (# ulimit -n 10000)

    9. Install pre-requisite rpm packages
    # yum install -y ld-linux.so.2 libICE.so.6 libSM.so.6 libX11.so.6 libXext.so.6 libXp.so.6 libXt.so.6 libc.so.6 libcrypt.so.1 libdl.so.2 libgcc_s.so.1 libm.so.6 libncurses.so.5 libnsl.so.1 libpam.so.0 libpthread.so.0 libresolv.so.2 libstdc++.so.5 libaudit.so.1 ksh dos2unix libgcc_s.so.1 libpthread.so.0 libstdc++.so.6 rpm-build freerdp-libs freerdp
    8.png
    ====================Pre-requisites satisfied=======================


    10. Reboot the machine and see if jboss started up fine. (Check if the jboss service script ran fine)

    11. Shutdown jboss

    12. Mount the ControlMinder Enterprise Manager ISO(DVD04090913E.iso).

    13. Open an SSH terminal (do not run the installer from GUI as it will get stuck with high cpu)

    14. Install PIM 12.9 from the DVD/ISO
    # /media/CA_CM_PS_12_90_L/EnterpriseMgmt/Disk1/InstData/NoVM/install_EntM.bin -i console
    9.png
    10.png
    11.png
    12.png
    13.png
    14.png
    15.png
    16.png
    Entered "Siteminder1"
    17.png
    You need to have a DB instance ready at this point.
    You do not need to manually import any schema, the installer does everything for you.
    18.png
    19.png
    20.png
    21.png
    22.png
    23.png

    15. Reboot and test login to http://<server>.<domain>:18080/iam/ac

    16. Login as administrator (AD User)
    24.png
    25.png