Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:services:general_services:idm:installing_remote_loader_software [2018/09/14 11:07]
skloepp2 [Installation on Windows]
en:services:general_services:idm:installing_remote_loader_software [2019/05/09 11:57]
skloepp2 [Installation on Windows]
Line 1: Line 1:
 +====== ​ Remote loader installation ​ ======
 +=====  General ​ =====
 +The remote loader is used to synchronize data between the meta directory and the connected system (AD, LDAP, MySQL, etc).
 +It is required to open the communication port (default 8090 (TCP) incomming) for the following IP addresses within your firewall:
  
 +<​code>​
 +134.76.10.204
 +134.76.10.205
 +134.76.10.206
 +134.76.10.207
 +134.76.10.208
 +134.76.10.209
 +134.76.10.210
 +AND
 +134.76.9.64/​28
 +</​code>​
 +
 +For system requirements see: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|System requirements P. 154 ff]]
 +
 +=====  Installation on Windows ​ =====
 +Remote loader files: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6WindowsSetup.zip|- download -]]\\ 
 +Remote loader SP 3: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6SP3.zip|- download -]]\\ 
 +T-TeleSec-GlobalRoot-Class-2-chain:​ [[https://​idm.gwdg.de/​RemoteLoader/​T-TeleSec-GlobalRoot-Class-2-chain.zip|- download -]]\\ 
 +Documentation remote loader installation (NetIQ) P. 149 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|- link -]]\\ 
 +PW-Filter installation P 49 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46-drivers/​pdfdoc/​ad/​ad.pdf|- link]]
 +
 +====  Installation ​ ====
 +  *  Download remote loader files
 +  *  Download T-TeleSec-GlobalRoot-Class-2 certificate
 +  *  Extract remote loader files and certificate
 +  *  run idm_install.exe
 +  *  Choose only **Novell Identity Manager Connected System Server (64-bit)** ​
 +  *  Ignore licence warning
 +
 +====  Configuration ​ ====
 +  *  Run rlconsole.exe within the installation path **as administrator** (Default: C:​\Novell\RemoteLoader)
 +  *  Click add
 +  *  Add description
 +  *  Choose driver (eg. ADDriver.dll)
 +  *  Set communication port (Default: 8090)
 +  *  Set remote loader password (required by GWDG)
 +  *  Set driver object password (required by GWDG)
 +  *  Activate SSL
 +  *  choose path to //​T-TeleSec-GlobalRoot-Class-2-chain.b64//​
 +  * Select "run as servcie"​
 +  *  Accept (don't start the remote loader service)
 +  * Go to the installation path (Default: C:​\Novell\RemoteLoader) and edit the file <​instanceName>​-Config.txt (maybe you have to open the file as administrator)
 +  *  Start the remote loader
 +
 +====  Notices ​ ====
 +If you are using the Active Directory driver you have to run the service as administrator.
 +
 +=====  Installation on Linux  =====
 +The installation on Linux systems differs between certified sytsems (SLES 11, RHEL 6.5, OES 11, etc.) and non-certified systems.
 +If you are using a non-certified system eg. Ubuntu the Java remote loader has to  be installed.
 +
 +====  Installation on certified Linux systems ​ ====
 +Remote loader files: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6LinuxSetup.zip|- download -]]\\ 
 +Remote loader SP 3: [[https://​idm.gwdg.de/​RemoteLoader/​RemoteLoader4.6SP3.zip|- download -]]\\ 
 +T-TeleSec-GlobalRoot-Class-2-chain:​ [[https://​idm.gwdg.de/​RemoteLoader/​T-TeleSec-GlobalRoot-Class-2-chain.zip|- download -]]\\ 
 +Documentation remote loader installation (NetIQ) P. 149 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|- link -]]
 +
 +===  Prerequisites ​ ===
 +  *  Download remote loader files
 +  *  Download T-TeleSec-GlobalRoot-Class-2 certificate
 +  *  Extract the certificate
 +
 +==  CentOS 6  ==
 +The 32Bit version of glibc has to be installed on x86_64 systems:
 +<​code>​
 +yum install glibc.i686
 +</​code>​
 +
 +===  Installation ​ ===
 +  *  Extract remote loader
 +  *  Edit file  **silent.properties**
 +    *  METADIRECTORY_SERVER_SELECTED=false
 +    *  WEB_ADMIN_SELECTED=false
 +    *  UTILITIES_SELECTED=false
 +    *  Choose remote loader
 +      *  32 Bit
 +        *  CONNECTED_SYSTEM_SELECTED=true
 +        *  X64_CONNECTED_SYSTEM_SELECTED=false
 +      *  64 Bit
 +        *  CONNECTED_SYSTEM_SELECTED=false
 +        *  X64_CONNECTED_SYSTEM_SELECTED=true
 +
 +  *  Run the following commands as root in the setup directory: ​
 +<​code>​
 +chmod -R 755 *
 +./​idm_linux.bin -i silent -f silent.properties
 +</​code>​
 +
 +
 +
 +====  Installation on **non-certified** Linux systems ​ ====
 +Remote Loader files: [[https://​idm.gwdg.de/​RemoteLoader/​JavaRemoteLoader4.6.zip|- download -]]\\ 
 +T-TeleSec-GlobalRoot-Class-2-chain:​ [[https://​idm.gwdg.de/​RemoteLoader/​T-TeleSec-GlobalRoot-Class-2-chain.zip|- download -]]\\ Documentation remote loader installation (NetIQ) P. 149 ff: [[https://​www.netiq.com/​documentation/​identity-manager-46/​pdfdoc/​setup/​setup.pdf|- link -]]
 +
 +===  Prerequisites ​ ===
 +  *  Download remote loader files
 +  *  Download T-TeleSec-GlobalRoot-Class-2 certificate
 +  *  Extract the certificate
 +  *  JRE Java8u112, at a minimum is required
 +
 +===  Install Java remote loader ​ ===
 +  *  Extract Java remote loader
 +  *  Make dirxml_jremote and create_keystore executable
 +
 +====  Configuration ​ ====
 +  *  Change in the installation directory eg. ///​opt/​novell/​dirxml/​bin/​x86_64///​
 +  * Crerate keystore file
 +  * <​code>​./​create_keystore T-TeleSec-GlobalRoot-Class-2-chain.b64</​code>​
 +  * Edit dirxml_jremote and replace
 +  * <​code>​jarlist=`ls /​opt/​novell/​eDirectory/​lib/​dirxml/​classes/​*.jar`</​code>​
 +  * with
 +  * <​code>​jarlist=`ls /<​installation path>/​lib/​*.jar`</​code>​
 +  *  Add/Edit **config8000.txt**
 +**Example LDAP Konfiguration**
 +<​code>​
 +-commandport 8000
 +-connection "​port=8090 keystore='<​installation directory>/​dirxml.keystore'​ storepass=dirxml"​
 +-trace 4
 +-tracefile ./​trace8000.log
 +-tracefilemax 10M
 +-class com.novell.nds.dirxml.driver.ldap.LDAPDriverShim
 +</​code>​
 +  *  Set remote loader and driver object password (both are required by GWDG):
 +<​code>​
 +./​dirxml_jremote -config config8000.txt -sp <remote loader password>​ <driver object password>​
 +</​code>​
 +
 +  *  Run the Java remote loader: ​
 +<​code>​
 +./​dirxml_jremote -config config8000.txt
 +</​code>​
 +  *  Java has to be in PATH variable! ​
 +<​code>​
 +PATH=$PATH:/​path/​to/​java/​bin/​
 +</​code>​
 +
 +==== Remote loader start script example ====
 +<​code>​
 +#!/bin/sh
 +INSTDIR=/​opt/​novell/​dirxml/​bin/​x86_64/​
 +STAGEDIR=$INSTDIR/​stage
 +USER=ldap
 +
 +export PATH=/​usr/​local/​bin:​$PATH
 +
 +cd $INSTDIR
 +
 +case "​$1"​ in
 +
 +  stop)
 +    kill `ps aux | grep '​[d]irxml_remote'​ | awk '{ print $2}'`
 +    ;;
 +
 +  start|*)
 +    echo -n " rloader"​
 +    exec > /dev/null 2>&1
 +    touch trace8000.log
 +    chown $USER trace8000.log
 +    su $USER -c "​$INSTDIR/​dirxml_jremote -config $INSTDIR/​config8000.txt &"
 +    ;;
 +
 +esac
 +</​code>​