Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
en:services:general_services:idm:installing_remote_loader_software [2018/09/14 11:07]
skloepp2 [Installation on Windows]
en:services:general_services:idm:installing_remote_loader_software [2019/05/09 11:56]
skloepp2 [Installation on Windows]
Line 1: Line 1:
 +====== ​ Remote loader installation ​ ======
 +=====  General ​ =====
 +The remote loader is used to synchronize data between the meta directory and the connected system (AD, LDAP, MySQL, etc).
 +It is required to open the communication port (default 8090 (TCP) incomming) for the following IP addresses within your firewall:
  
 +<​code>​
 +134.76.10.204
 +134.76.10.205
 +134.76.10.206
 +134.76.10.207
 +134.76.10.208
 +134.76.10.209
 +134.76.10.210
 +AND
 +134.76.9.64/​28
 +</​code>​
 +
 +For system requirements see: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|System requirements P. 154 ff]]
 +
 +=====  Installation on Windows ​ =====
 +Remote loader files: [[https://​idm.gwdg.de/​RemoteLoader/​IDM46_JDBC_4050.zip|- download -]]\\ 
 +Remote loader files: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6WindowsSetup.zip|- download -]]\\ 
 +Remote loader SP 3: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6SP3.zip|- download -]]\\ 
 +T-TeleSec-GlobalRoot-Class-2-chain:​ [[https://​idm.gwdg.de/​RemoteLoader/​T-TeleSec-GlobalRoot-Class-2-chain.zip|- download -]]\\ 
 +Documentation remote loader installation (NetIQ) P. 149 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|- link -]]\\ 
 +PW-Filter installation P 49 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46-drivers/​pdfdoc/​ad/​ad.pdf|- link]]
 +
 +====  Installation ​ ====
 +  *  Download remote loader files
 +  *  Download T-TeleSec-GlobalRoot-Class-2 certificate
 +  *  Extract remote loader files and certificate
 +  *  run idm_install.exe
 +  *  Choose only **Novell Identity Manager Connected System Server (64-bit)** ​
 +  *  Ignore licence warning
 +
 +====  Configuration ​ ====
 +  *  Run rlconsole.exe within the installation path **as administrator** (Default: C:​\Novell\RemoteLoader)
 +  *  Click add
 +  *  Add description
 +  *  Choose driver (eg. ADDriver.dll)
 +  *  Set communication port (Default: 8090)
 +  *  Set remote loader password (required by GWDG)
 +  *  Set driver object password (required by GWDG)
 +  *  Activate SSL
 +  *  choose path to //​T-TeleSec-GlobalRoot-Class-2-chain.b64//​
 +  * Select "run as servcie"​
 +  *  Accept (don't start the remote loader service)
 +  * Go to the installation path (Default: C:​\Novell\RemoteLoader) and edit the file <​instanceName>​-Config.txt (maybe you have to open the file as administrator)
 +  *  Start the remote loader
 +
 +====  Notices ​ ====
 +If you are using the Active Directory driver you have to run the service as administrator.
 +
 +=====  Installation on Linux  =====
 +The installation on Linux systems differs between certified sytsems (SLES 11, RHEL 6.5, OES 11, etc.) and non-certified systems.
 +If you are using a non-certified system eg. Ubuntu the Java remote loader has to  be installed.
 +
 +====  Installation on certified Linux systems ​ ====
 +Remote loader files: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6LinuxSetup.zip|- download -]]\\ 
 +Remote loader SP 3: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6SP3.zip|- download -]]\\ 
 +T-TeleSec-GlobalRoot-Class-2-chain:​ [[https://​idm.gwdg.de/​RemoteLoader/​T-TeleSec-GlobalRoot-Class-2-chain.zip|- download -]]\\ 
 +Documentation remote loader installation (NetIQ) P. 149 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|- link -]]
 +
 +===  Prerequisites ​ ===
 +  *  Download remote loader files
 +  *  Download T-TeleSec-GlobalRoot-Class-2 certificate
 +  *  Extract the certificate
 +
 +==  CentOS 6  ==
 +The 32Bit version of glibc has to be installed on x86_64 systems:
 +<​code>​
 +yum install glibc.i686
 +</​code>​
 +
 +===  Installation ​ ===
 +  *  Extract remote loader
 +  *  Edit file  **silent.properties**
 +    *  METADIRECTORY_SERVER_SELECTED=false
 +    *  WEB_ADMIN_SELECTED=false
 +    *  UTILITIES_SELECTED=false
 +    *  Choose remote loader
 +      *  32 Bit
 +        *  CONNECTED_SYSTEM_SELECTED=true
 +        *  X64_CONNECTED_SYSTEM_SELECTED=false
 +      *  64 Bit
 +        *  CONNECTED_SYSTEM_SELECTED=false
 +        *  X64_CONNECTED_SYSTEM_SELECTED=true
 +
 +  *  Run the following commands as root in the setup directory: ​
 +<​code>​
 +chmod -R 755 *
 +./​idm_linux.bin -i silent -f silent.properties
 +</​code>​
 +
 +
 +
 +====  Installation on **non-certified** Linux systems ​ ====
 +Remote Loader files: [[https://​idm.gwdg.de/​RemoteLoader/​JavaRemoteLoader4.6.zip|- download -]]\\ 
 +T-TeleSec-GlobalRoot-Class-2-chain:​ [[https://​idm.gwdg.de/​RemoteLoader/​T-TeleSec-GlobalRoot-Class-2-chain.zip|- download -]]\\ Documentation remote loader installation (NetIQ) P. 149 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|- link -]]
 +
 +===  Prerequisites ​ ===
 +  *  Download remote loader files
 +  *  Download T-TeleSec-GlobalRoot-Class-2 certificate
 +  *  Extract the certificate
 +  *  JRE Java8u112, at a minimum is required
 +
 +===  Install Java remote loader ​ ===
 +  *  Extract Java remote loader
 +  *  Make dirxml_jremote and create_keystore executable
 +
 +====  Configuration ​ ====
 +  *  Change in the installation directory eg. ///​opt/​novell/​dirxml/​bin/​x86_64///​
 +  * Crerate keystore file
 +  * <​code>​./​create_keystore T-TeleSec-GlobalRoot-Class-2-chain.b64</​code>​
 +  * Edit dirxml_jremote and replace
 +  * <​code>​jarlist=`ls /​opt/​novell/​eDirectory/​lib/​dirxml/​classes/​*.jar`</​code>​
 +  * with
 +  * <​code>​jarlist=`ls /<​installation path>/​lib/​*.jar`</​code>​
 +  *  Add/Edit **config8000.txt**
 +**Example LDAP Konfiguration**
 +<​code>​
 +-commandport 8000
 +-connection "​port=8090 keystore='<​installation directory>/​dirxml.keystore'​ storepass=dirxml"​
 +-trace 4
 +-tracefile ./​trace8000.log
 +-tracefilemax 10M
 +-class com.novell.nds.dirxml.driver.ldap.LDAPDriverShim
 +</​code>​
 +  *  Set remote loader and driver object password (both are required by GWDG):
 +<​code>​
 +./​dirxml_jremote -config config8000.txt -sp <remote loader password>​ <driver object password>​
 +</​code>​
 +
 +  *  Run the Java remote loader: ​
 +<​code>​
 +./​dirxml_jremote -config config8000.txt
 +</​code>​
 +  *  Java has to be in PATH variable! ​
 +<​code>​
 +PATH=$PATH:/​path/​to/​java/​bin/​
 +</​code>​
 +
 +==== Remote loader start script example ====
 +<​code>​
 +#!/bin/sh
 +INSTDIR=/​opt/​novell/​dirxml/​bin/​x86_64/​
 +STAGEDIR=$INSTDIR/​stage
 +USER=ldap
 +
 +export PATH=/​usr/​local/​bin:​$PATH
 +
 +cd $INSTDIR
 +
 +case "​$1"​ in
 +
 +  stop)
 +    kill `ps aux | grep '​[d]irxml_remote'​ | awk '{ print $2}'`
 +    ;;
 +
 +  start|*)
 +    echo -n " rloader"​
 +    exec > /dev/null 2>&1
 +    touch trace8000.log
 +    chown $USER trace8000.log
 +    su $USER -c "​$INSTDIR/​dirxml_jremote -config $INSTDIR/​config8000.txt &"
 +    ;;
 +
 +esac
 +</​code>​