What this guide covers:
- Setup X11 forwarding to allow GUI setup
- Install Linux Dependencies
- Install CA Directory
- Install CA Identity Manager product
- Silent Install Example File
- Installer in DEBUG mode
- Applications Servers Specific Instructions for Clusters
- Possible Errors during Install
Setup X11 forwarding to allow GUI setup
https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec1423021.html
Download an X11 forwarding client like Xming or Cywin/X. In the example below, I'll use Xming as a reference.
Once Xming is downloaded, make sure you setup your ssh client to use X11 forwarding.
1) Use an X11 server application such as Xming or Cygwin/X
2) Enable X11 forwarding in your client (Putty is used as an example. See image below)
Note: Stop here if you don't need to run Xming as a different user.
How to run Xming as different user:
- Enable X-11 Forwarding in your client
- Log in as your normal user
echo $DISPLAY
to get the associated displayxauth list
, find the display number which corresponds with what you found in #3 and copy it (Make sure you copy everything in the output)- Sudo to root
xauth add <paste in what you copied from #4>
- Now you can execute commands as root and will be able to se the X11 Forwarding connection
Install Linux Dependencies
Make sure these commands are run (the "-y" parameter forces the library to install):
Note: These are the 32-bit packages and must be installed even if the Linux Distro is in 64-bit. In RHEL 7.x an extra command needs to be run to install packages:
RHEL 7.x:
subscription-manager register --username <username> --password <password> --auto-attach
subscription-manager refresh
Then run below libraries in RHEL 6.x.
RHEL 6.x and lower:
yum install -y glibc.i686
yum install -y libXext.i686
yum install -y libXtst.i686
yum install -y ncurses-devel.i686
yum install -y compat-libstdc++.i686
yum install -y libstdc++-libc6.2-2.so.3
yum install -y libstdc++.i686
yum install -y libidn.i686
yum install -y libgcc.i686
yum install -y libX11.i686
yum install -y libxcb.i686
yum install -y libXau.i686
yum install -y libXi.i686
yum install -y nss-softokn-freebl.i686
yum install -y libXmu.i686
yum install -y libXft.i686
yum install -y libXpm.i686
yum install -y ncurses-devel.i686
yum install -y ksh
This is required from the IDM 12.6.8 CR1 installer:
yum install - y xrender.i686
mv /dev/random /dev/random.orig
ln -s /dev/urandom /dev/random
chkconfig iptables off (RHEL 6.x only)
service iptables stop (RHEL 6.x only)
vi /etc/selinux/config
SELINUX=permissive
setenforce 0
For RHEL 7.x:
Instead of
chkconfig iptables off
service iptables stop
Run
systemctl disable firewalld.service
systemctl stop firewalld.service
To check entropy:
cat /proc/sys/kernel/random/entropy_avail
Increase JCS TIMEOUT:
export JCS_SERVICE_TIMEOUT=600
Install CA Directory product:
Run the setup.sh file from .../CADirectory.../dxserver
Get a copy of NeteAuto.ldif from the CA Identity Manager samples folder and upload it to any desired directory or
Use the attached sample userstore.ldif I have attached onto this post at the bottom of this document.
The sample user would be imadmin and password can be found in the ldif file.
su - dsa
dxnewdsa <insert-dsa-name> 11389 dc=security,dc=com
dxserver stop <insert-dsa-name>
dxloaddb <insert-dsa-name> /CA_Install/NeteAuto.ldif
dxserver start <insert-dsa-name>
dxserver status
Install CA Identity Manager product:
Be sure to check the CA Identity Manager Support Matrix
- For CA IDM 12.6.8 or lower: click here
- For CA IDM 14.0: click here
From the install directory where the file was unzipped, run the installer:
./ca-im-<IM-VERSION_NUMBER>-linux.bin
Note: Make sure this command is not run in console mode and Xming is enabled! Console mode prevents the installer from installing as a cluster.
Silent Install Example File
For IDM version 12.6.x and later, this file was used to perform an Identity Manager install without the addtional components. Please use this guide as it has an example file available:
Successful install of CA Identity Manager using a silent install file
After the sample file has been created, use this command to begin the install (assuming the file you created is named im-installer.properties):
Windows:
ca-im-release-win32.exe -f im-installer.properties -i silent
UNIX:
./ca-im-release-sol.bin -f im-installer.properties -i silent
Changing default temp location
Set the variable IATEMPDIR
Linux: Ex. export IATEMPDIR=/<newlocation>
Installer in DEBUG mode
Execute this command before running the installer:
export LAX_DEBUG=true
Further References for Logging in DEBUG:
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec489216.aspx
Applications Servers Specific Instructions:
- Weblogic
- In the AdminServer field, "AdminServer" must be typed in!
- In the URL field the format should look like this: http:\\<hostname>:7001 (Default AdminServer port is 7001)
- Cluster name can be anything you choose to be
- During the startup of the weblogic nodes:
- 11g uses this command line instruction: ./startManagedWebLogic.sh <IM_NODE_NAME> -Xms256m -Xmx1024m -XX:ReservedCodeCacheSize=50m -XX:MaxPermSize=256m -Djavax.xml.stream.XMLInputFactory=weblogic.xml.stax.XMLStreamInputFactory -Dweblogic.management.server=<ADMINSERVER_HOSTNAME>:<ADMIN-PORT>
- 12c uses this command line instruction: ./startManagedWebLogic.sh <IM_NODE_NAME> -Xms256m -Xmx1024m -XX:ReservedCodeCacheSize=50m -XX:MaxPermSize=256m -Dweblogic.management.server=<ADMINSERVER_HOSTNAME>:<ADMIN-PORT>
- POST Weblogic Install Specific Instructions
- Create a Distributed JMS Server
- Make an IM_JMS_filestore directory (Ex. WL_HOME\user_projects\IM_JMS_filestore)
- Under Admin Console, go to Services -> Messaging -> JMS Servers (See attached image below)
- JBoss
- JBoss App Server and Identity Manager needs to be installed on x numbered of nodes in environment. During the install, Identity Manager asks for the nodes "Peer Server ID" (This is determined by the installer).
- Recommended options are to select "Unicast" for Master Node procedure
- Configuring journal files recommended option would be for "Shared Store"
- Configure the JK Connector
- Fill in the worker.workerN.host field with your corresponding nodes’ hostnames.
For example, consider a cluster where the CA Identity Manager server is installed on three JBoss hosts named myhostA, myhostB, and myhostC, using Peer IDs 1, 2, and 3.
-Websphere
Possible Errors during Install:
32 bit ncurses library is not installed.
Reason: On a 64 bit system the 32 bit library libncurses is necessary.
Action: \Please install the ncurses 32 bit package with version >= 5.
There are 2 possible solutions to this error:
Please make sure that the following 32 bit RPMs are installed:
libncurses6-32bit
ncurses-devel-32bit
glibc-32bit
glibc-locale-32bit
libstdc++33-32bit
libstdc++43-32bit
or
Creating a symbolic link in /usr/lib to the 32 bit library in /lib:
/usr/lib # ln –s /lib/libncurses.so.5.6 libncurses.so.5.6
Weblogic node doesn't start up after fresh install
Please refer to this TEC DOC:
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1194868.aspx
JBoss RPM Linux Install failed to complete due to "Unsupported Version" even though version is listed as compatible on Compatibility Matrix (Support Matrix)
CA Identity Manager does not support RPM installs. This type of install has not been tested with our engineering and will not be supported.
Linked TEC DOC:
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1423021.aspx