qw208o kt9c websphere d unix -...
TRANSCRIPT
IBM Tivoli Identity Manager
~qw208O(kT9CWebSphere D UNIX)f> 4.5.0
S152-0643-00
���
IBM Tivoli Identity Manager
~qw208O(kT9CWebSphere D UNIX)f> 4.5.0
S152-0643-00
���
"b:
Z9C>JO0d'VDz7.0,kDAZ 135 3D=< H, :yw;PDE"#
Z}f(2003 j 9 B)
>f>JCZ Tivoli Identity Manager V4.5.0 T0yPDsx"PfM^)f,1=ZBf>PmPyw*9#
© Copyright International Business Machines Corporation 2003. All rights reserved.
?<
0T . . . . . . . . . . . . . . . . v>iDA_ . . . . . . . . . . . . . . . vvfo . . . . . . . . . . . . . . . . v
Tivoli Identity Manager ~qwJOb . . . . . vX8m~z7vfo . . . . . . . . . . . vi`Xvfo . . . . . . . . . . . . . . viZ_CJvfo . . . . . . . . . . . . vi
(z!n . . . . . . . . . . . . . . . vii*5m~'V . . . . . . . . . . . . . . vii>iP9CD<( . . . . . . . . . . . . viiInstallation Directory Conventions . . . . . . . viii
Z 1 B i\ . . . . . . . . . . . . . 12~Mm~hs . . . . . . . . . . . . . 1z7bL . . . . . . . . . . . . . . . . 1
Z 2 B dCEv . . . . . . . . . . . 3WebSphere Application Server uo . . . . . . . 3%;~qwdC . . . . . . . . . . . . . 4Tivoli Identity Manager :/dC . . . . . . . . 5
Tivoli Identity Manager ~qwc . . . . . . . 6%;:/dC . . . . . . . . . . . . . 6&\:/dC . . . . . . . . . . . . . 7Java {"~qMd|~qwxL . . . . . . . 89C Tivoli Identity Manager 1D WebSphere 73
^F . . . . . . . . . . . . . . . . 9
Z 3 B }]bdC . . . . . . . . . 11IBM DB2 dC . . . . . . . . . . . . . 11
7#(EkdC~qw . . . . . . . . . . 11dC IBM DB2 JDBC }/Lr. . . . . . . 14* JDBC `M 2 }/LrdC IBM DB2 V7.1M V7.2 . . . . . . . . . . . . . . . 16Z?v:/I1FczOR= IBM DB2 E*D~ 16>}:)9 DB2 D5 . . . . . . . . . . 17
Tivoli Identity Manager D Oracle 20MdC . . . 17Z AIX O<820 Oracle . . . . . . . . 17<8Z Solaris O20 Oracle . . . . . . . 19<8Z Windows P20 Oracle . . . . . . . 20Z20sdC Oracle . . . . . . . . . . 20
Z 4 B ?<~qwdC . . . . . . . . 23IBM Directory Server dC . . . . . . . . . 23
* Tivoli Identity Manager 8(s: . . . . . 24* Tivoli Identity Manager dC}Cj{Te~ 24XBt/?<~qw . . . . . . . . . . 254( LDAP s:Ts . . . . . . . . . . 26
Z,;(FczO9C V5.1 M WebSphereApplication Server . . . . . . . . . . . . 27Sun ONE Directory Server dC . . . . . . . . 28
Z 5 B %;~qw20:Tivoli IdentityManager ~qw . . . . . . . . . . . 31*<0 . . . . . . . . . . . . . . . . 31bvKZJb . . . . . . . . . . . . . . 33%;~qw20DE"$wm . . . . . . . . 33
}]bE" . . . . . . . . . . . . . 33?<~qwE" . . . . . . . . . . . . 35%;~qw20D WebSphere Application ServerE" . . . . . . . . . . . . . . . . 36IBM HTTP Server E" . . . . . . . . . 37Tivoli Identity Manager E" . . . . . . . . 37
20 Tivoli Identity Manager ~qw . . . . . . 37/@nuD06-10ZM0mI10Z . . . . 39!q20`MM20?< . . . . . . . . . 40!q}]b . . . . . . . . . . . . . 41jI%;~qw200Z . . . . . . . . . 418( WebSphere +V2+T . . . . . . . . 438(S\\?"DA200** . . . . . . . 4520x9Md|dCn/ . . . . . . . . . 46%;~qw20DU>M?< . . . . . . . 56jI2+TdC . . . . . . . . . . . . 56Z20 Tivoli Identity Manager .s9C
runConfig . . . . . . . . . . . . . . 56P!qX20oT| . . . . . . . . . . 57
bT Tivoli Identity Manager ~qwD(E . . . . 57~qwkzmLrD(E . . . . . . . . . . 58
Z 6 B :/20:Tivoli IdentityManager ~qw . . . . . . . . . . . 61*<0 . . . . . . . . . . . . . . . . 61
bvKZJb . . . . . . . . . . . . . 629C xg?p\mw4(:/ . . . . . . . 63
:/20DE"$wm . . . . . . . . . . . 64}]bE" . . . . . . . . . . . . . 64?<~qwE" . . . . . . . . . . . . 65:/20D WebSphere Application Server E" . 66Tivoli Identity Manager E" . . . . . . . . 67
20 Tivoli Identity Manager ~qw . . . . . . 67/@nuD06-10ZM0mI10Z . . . . 69!q20`MM1!20?< . . . . . . . 70!q}]b . . . . . . . . . . . . . 71jI:/20rP . . . . . . . . . . . 728( WebSphere +V2+T . . . . . . . . 758(S\\?"DA200** . . . . . . . 7720x9Md|dCn/ . . . . . . . . . 78:/20DU>M?< . . . . . . . . . . 87jI2+TdC . . . . . . . . . . . . 87Z20 Tivoli Identity Manager .s9C
runConfig . . . . . . . . . . . . . . 87P!qX20oT| . . . . . . . . . . 88
© Copyright IBM Corp. 2003 iii
(e HTTP a0VCT(I!) . . . . . . 88i$Bq~qhC . . . . . . . . . . . 88
|B Web ~qwe~ . . . . . . . . . . . 88t/:/ . . . . . . . . . . . . . . . 88bT Tivoli Identity Manager ~qwD(E . . . . 89~qwkzmLrD(E . . . . . . . . . . 90mSr}%:/I1 . . . . . . . . . . . 90
9CBFcz)9:/ . . . . . . . . . . 909C,;Fcz)9:/ . . . . . . . . . 91}%:/I1 . . . . . . . . . . . . . 91
=< A. bL . . . . . . . . . . . . 93CD P;P(iD WebSphere Y1^)Lr PQ77521 93oT| CD. . . . . . . . . . . . . . . 939C WebSphere Application Server D Tivoli IdentityManager Dy!zk Solaris CD. . . . . . . . 939CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk Solaris CD. . . . . . . . 949d Solaris CD 1 . . . . . . . . . . . . 949d Solaris CD 2 . . . . . . . . . . . . 949d Solaris CD 3 . . . . . . . . . . . . 959d Solaris CD 4 . . . . . . . . . . . . 959C WebSphere Application Server D Tivoli IdentityManager Dy!zk AIX CD . . . . . . . . 959CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk AIX CD . . . . . . . . 959d AIX CD 1 . . . . . . . . . . . . . 969d AIX CD 2 . . . . . . . . . . . . . 969d AIX CD 3 . . . . . . . . . . . . . 969CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk HP-UX CD . . . . . . . 979C WebSphere Application Server D Tivoli IdentityManager Dy!zk Windows 2000 CD . . . . . 979CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk Windows 2000 CD . . . . . 979d Windows 2000 CD 1 . . . . . . . . . 979d Windows 2000 CD 2 . . . . . . . . . 989d Windows 2000 CD 3 . . . . . . . . . 989d Windows 2000 CD 4 . . . . . . . . . 98
=< B. kT UNIX Dm~M2~*s . . 999C WebSphere D Tivoli Identity Manager DnM
UNIX Yw53M2~*s . . . . . . . . . 999C WebSphere D Tivoli Identity Manager ~qw
D}]b . . . . . . . . . . . . . . . 1009C WebSphere D Tivoli Identity Manager ~qw
D?<~qw . . . . . . . . . . . . . 100Tivoli Identity Manager ~qwD WebSphere ~qw
k HTTP ~qwX8m~ . . . . . . . . . 101\'VD Web /@w . . . . . . . . . . 102
=< C. <8 WebSphere 73 . . . . 103<8 WebSphere Application Server 20 . . . . 103
7#8(K{"+]'VC'Mi . . . . . . 1037# WebSphere 6k={"+]~qwkM'z
D Solaris ZKhC . . . . . . . . . . 104
9CVPD WebSphere MQ V5.3 . . . . . . 104KZ 9090 ICTi$ . . . . . . . . . 104
dC Tivoli Identity Manager :/ . . . . . . 10520 WebSphere Application Server xg?p . . 10520 IBM HTTP Server M WebSphere Web ~
qwe~ . . . . . . . . . . . . . . 106zI WebSphere Web ~qwe~dCD~. . . 107Z?vZcO20 WebSphere Application ServerBase . . . . . . . . . . . . . . . 107+ZcmS=%* . . . . . . . . . . . 108XBt/Zc . . . . . . . . . . . . 1084(:/ . . . . . . . . . . . . . . 1097# xg?p\mwMZczmLrZKP . . 109
dC WebSphere Application Server Bq~qhC 110
=< D. 2+T<G . . . . . . . . . 111WebSphere D2+T . . . . . . . . . . . 111
dC%Zc?pD2+T . . . . . . . . . 111dC`Zc?pD2+T . . . . . . . . . 114{C J2EE 2+T . . . . . . . . . . . 116
dC HTTP ~qwD8C=( . . . . . . . . 117
=< E. S Tivoli Identity Manager4.3 }6= Tivoli Identity Manager4.5 . . . . . . . . . . . . . . . . 119*<0 . . . . . . . . . . . . . . . . 119S9C WebLogic D Tivoli Identity Manager 4.3 }
6=9C WebLogic D Tivoli Identity Manager 4.5 . 120209C WebSphere Application Server D TivoliIdentity Manager V4.5 . . . . . . . . . . . 120dCB20 . . . . . . . . . . . . . . 121
=< F. S Tivoli Identity ManagerV4.4.x }6= V4.5 . . . . . . . . . 123*<0 . . . . . . . . . . . . . . . . 123}6%;~qwdC . . . . . . . . . . . 124
S Tivoli Identity Manager 4.4.x }6= 4.5 . . 124}6:/dC . . . . . . . . . . . . . 125
* xg?p\mw53+ Tivoli IdentityManager 4.4.x }6= 4.5 . . . . . . . . 126*I153+ Tivoli Identity Manager 4.4.x }6
= 4.5 . . . . . . . . . . . . . . . 127
=< G. 6X Tivoli Identity Manager 131*<0 . . . . . . . . . . . . . . . . 1316X Tivoli Identity Manager D=h . . . . . . 132
=< H. yw . . . . . . . . . . . . 135Lj . . . . . . . . . . . . . . . . 136
Jcm . . . . . . . . . . . . . . 137
w} . . . . . . . . . . . . . . . 141
iv IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
0T
IBM ® Tivoli ® Identity Manager ~qw208O (kT9C WebSphere® D UNIX)
hvgNZ UNIX ~qwO20MdC Tivoli Identity Manager ~qw,TcSPD
;C\mJ4#
>iDA_
>VaG*20",$r\m>cFcz53Dm~D53k2+T\m1`4D#
A_&Kb53M2+T\mDEn#Kb,A_2&KbTB\mEn:
v ?<~qw
v }]b~qw
v WebSphere® 6k={"+]'V
v WebSphere Application Server r WebLogic
v IBM HTTP Server
vfo
kDA Tivoli Identity Manager b"X8m~vfoT0`XvfoPDhv,Sx7
(zO*nPCDvfo#Z7(zyh*Dvfo.s,kNDXZZ_CJb)
vfoD8>E"#
Tivoli Identity Manager ~qwJObTivoli Identity Manager ~qwJObPDvfoP:
v Tivoli Identity Manager *zC'oz
TyP Tivoli Identity Manager \mNqa)[OD*zozwb#
v *KbPX UNXI r Windows f>;,D Tivoli Identity Manager ~qw208
O,kVpiDkT WebSphere r WebLogic Df>#kkTzD>c9C`&D
f>#
a) Tivoli Identity Manager D20E"#
v Tivoli Identity Manager Policy and Organization Administration Guide
a)PX Tivoli Identity Manager \mNqDwb#
v Tivoli Identity Manager Server Configuration Guide
a)%;~qwM:/ Tivoli Identity Manager dCDdCE"#
v 6Tivoli Identity Manager nUC'8O7
a) Tivoli Identity Manager u'_C'E"#
v 6Tivoli Identity Manager "P5w7
a) Tivoli Identity Manager Dm~M2~*s,T0^)Lr"9!Md|'VE
"#
v Tivoli Identity Manager Troubleshooting Guide
a) Tivoli Identity Manager z7d|DJbbvE"#
© Copyright IBM Corp. 2003 v
X8m~z7vfo
*P'X9C>iPDE",zXk_8 Tivoli Identity Manager X8m~z7D*6#
zISTBx7qCvfo:
v WebSphere Application Server
http://www.ibm.com/software/webservers/appserv/support.html
":TBD Redbooks r*PmhvK WebSphere Application Server D20MdC
T0=S2+TDa)#d;KPmG>vfo"P1DnBE",+dPD
vfoI\VZQ}1#k*5zDM'zmTq!J4E"D(iPm#
– IBM WebSphere Application Server V5.0 System Management and Configuration,
IBM l$i
– IBM WebSphere Application Server V5.0 Security,IBM l$i
v }]b~qw
– IBM DB2
http://www.ibm.com/software/data/db2/udb/support.html
http://www.ibm.com/software/data/db2
– Oracle
http://technet.oracle.com/documentation/content.html
v ?<~qw&CLr
– IBM Directory Server
http://www.ibm.com/software/network/directory
– Sun ONE Directory Server
http://www.ibm.com/software/network/directory
v WebSphere 6k={"+]'V(r IBM MQSeries)
http://www.ibm.com/software/ts/mqseries
v Web zm~qw
– IBM HTTP Server
http://www.ibm.com/software/webservers/httpservers/library.html
`Xvfo
ZTBvfoPIqC Tivoli Identity Manager ~qwD`XE":
v Tivoli m~ba)wV Tivoli vfo,ngW$i"}]gSmq"]>"Redbooks
Myw/#TB Web >cOa) Tivoli m~b:
http://www.ibm.com/software/tivoli/library/
v Tivoli Software Glossary |(k Tivoli m~PXDm`uoD(e#Tivoli Software
Glossary ;P"of,zIS Tivoli m~b Web 3fs_D Glossary 4SqC:
http://www.ibm.com/software/tivoli/library/
Z_CJvfo
zIZ_S Tivoli m~bPqCIF2D5q=(PDF)M/r,D>jGoT
(HTML)N=D>z7 IBM vfo:
vi IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
http://www.ibm.com/software/tivoli/library
*ZbPiRz7vfo,k%wKb3fs_D Product manuals 4S#;s,Z
Tivoli Software Information Center 3fOiR"%wCz7{F#
z7vfo|("P5w"208O"C'8O"\m18OM*"_N<s+#
":*7# PDF vfor!}7,kZ Adobe Acrobat D0r!10Z(%wD~ →r!IR=)P!qJO3f4!r#
(z!n
z7D5|,TB(z!n&\:
v D5,1T HTML M PDF q=a),9C'ns^HX&CA;DAwm~#
v D5PDyP<q<a)8CD>,byPS&O-DC'ITmb<qDZ]#
*5m~'V
ZM3;Jb*5 IBM Tivoli m~'V.0,kCJTB IBM Tivoli m~'V Web
>c:
http://www.ibm.com/software/sysmgmt/products/support/
g{zh*d|oz,k9CTB Web >cD IBM Software Support Guide PhvD
=(*5m~'V:
http://techsupport.services.ibm.com/guides/handbook.html
>8Oa)TBE":
v S\'VyhD"aMJqhs
v g0Ek(!vZzyZDzRrXx)
v *5M''V.0&U/DE"Pm
>iP9CD<(
>N<T;)(CuoMYwT0X(ZYw53D|nM769CKtI<(#
>iP9CKTBVM<(:
VeV VeD>CZm>I!D0Z4|"VNu?MvVZ>VaPD|
n(+;|(>}rD~Z])#
HmVM HmVM`MPDD>CZm>D~Z]"D~{r|nDdv#
1eV 1eD>CZm>X(ZOBDD5,}g:
v 76{
v D~{
v C'{
v i{
v 53N}
0T vii
v 73d?
% YVE(%)CZm> C shell A;a>{,Ka>{G>8Oy|(
D>}D;?V#wV53D C shell A;a>{I\;,
# .E(#)zm*T,6C'G<(root CJ)DC'T>DA;a>
{#
Installation Directory ConventionsKvfo9CTB<(8(1!?<:
{ITIM_HOME}Tivoli Identity Manager D1!20?<
{WAS_HOME}WebSphere Application Server D1!20?<
{WAS_NDM_HOME}WebSphere Application Server xg?p D1!20?<
viii IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z 1 B i\
>VahvgNZ%;~qwr:/dCO20"u=dCMi$ Tivoli Identity
Manager ~qw#k9Ckz53ODYw53M Web &CLr`T&D20D5#
Kb9P;>6Tivoli Identity Manager ~qw208O7(kT9C WebSphere D
Windows)#
20M*<9C Tivoli Identity Manager ~qwDw*=hy]20GkT%;~qw
9GkT:/dCT0Gq9C.0QfZD WebSphere Application ServerxPy;,#
E(xT,b)=h|(:
1. gZ 3 3DZ 2 B, :dCEv;Pyv,7(zDdCG%;~qwD9Gh*
;v|_luTD:/r&\TD:/bv=8#
2. gZ 11 3DZ 3 B, :}]bdC;Pyv,20MdC}]b#
3. gZ 23 3DZ 4 B, :?<~qwdC;Pyv,20MdC?<~qw#
4. TZ%;~qwdC,gZ 31 3DZ 5 B, :%;~qw20:Tivoli Identity
Manager ~qw;Pyv,20 Tivoli Identity Manager ~qw#
5. TZ:/dC,4PTB=h:
v gZ 103 3D=< C, :<8 WebSphere 73;Pyv,20"dCX8
WebSphere Application Server 'V#
v gZ 61 3DZ 6 B, ::/20:Tivoli Identity Manager ~qw;Pyv,4
(:/"20 Tivoli Identity Manager ~qw#
":T:/dC,zXkV/20XhD^)|#
2~Mm~hs
PXm~M2~*sDPm,kNDZ 99 3D=< B, :kT UNIX Dm~M2~*
s;#
z7bL
Tivoli Identity Manager ~qwz7T;5PbL(CD)*XeD==a)#*0sq
C CD =fDoz,kk IBM 'V*5# PX CD 0dZ]DPm,kND Z 93
3D=< A, :bL;#
© Copyright IBM Corp. 2003 1
2 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z 2 B dCEv
WebSphere Application Server 73PD Tivoli Identity Manager ~qwGT%;~q
wdCr:/dCi/D#>ZTb=VdCxPKr*R_6Dhv,"EvK|
GD5V3r#sxBZ|_eXhvK5V}L#
":
1. >BPDy>dC*sZ4P20kdC>z7D=h05);)$HDF.n
/#PXd|hvgNf.Tzcz5qhsDD5,kkM'zm*5#
2. PX WebSphere Application Server z7Dd|E",kNDZZ vi 3D:X8m
~z7vfo;P}CD=SD5#
3. Tivoli Identity Manager 9CDs`}Pd~<h*^)|#PX|`E",kND
Z 99 3D=< B, :kT UNIX Dm~M2~*s;#
WebSphere Application Server uo
TBuohvK WebSphere Application Server dCPD*X:
%* ?p\mw\mD\mr#%*G'V WebSphere Application Server V<=7
3P+2\mn/DZc_-Vi#%*IP;vr`v:/#
Zc ZcGomFczOD;vr`v&CLr~qwD_-i#Zc{Z%*Z
G(;D#Zc{(#kFczDwz{Gj+`,D#2MG5,Zc(#
T&ZP(; IP X7DomFcz53#
&CLr~qw
&CLr~qwG WebSphere Dw*i~#~qwKP Java ibz,Sx*
&CLrzka)KP173#&CLr~qwa)(EtCX( Java &CL
ri~4PD]w#
xg?p\mw
CZa)/P\mS<"XF WebSphere Application Server V<=%*PDy
P*X|(:/\mD\m}L#xg?p\mw:p?;ZcODbZ]#
xg?p\mw(}k%*D?vZcODZczmLrxL(E4\mbZ
]#
ZczmLr
ZczmLr(}k xg?p\mwxP(E4\mZcO WebSphere
Application Server DyP\\xL,Sx-w"9dC,=#ZczmLrz
m xg?p\mw4P\mYw#ZczmLrm>\m%*PDZc#Zc
zmLrk WebSphere Application Server Base ;p20,+1=ZcmS=
xg?p73PD%*sEGXhD#
:/ ;vr`v&\`,D&CLr~qwxLD_-Vi#:/a)r%D?
p"dC"$w:X=bT0XK_`#:/Gw*%v53;p$wD`v
~qwD/O,CT7#4Pt*NqD&CLrMJ4TM'z#VIC#
:/a)IluT#PX|`E",kNDM''VI\a)Dd|hvZ
WebSphere Application Server V<=73P("91M.=:/DD5#
© Copyright IBM Corp. 2003 3
:/I1
:/P WebSphere Application Server D5}#
WebSphere Web ~qwe~
WebSphere Web ~qwe~G20= HTTP ~qwD;vi~,C4Z:/
PSU+kDks"+|G+d=J1D Web ]w#plugin-cfg.xml D~\
me~DP*#e~Jm Web ~qw+PX/,Z](g servlet)Dks+
M=&CLr~qw#
%;~qwdC
%;~qwdCITZ;(omFczO20 WebSphere Application Server Base Md
|yhD&CLr#Tivoli Identity Manager ~qw,1a)C'gfM$ww&m#
Z;(FczOxPdC_PTB*s:
v ;vCZf"BqE"D}]b
v ;v?<~qw
v WebSphere Application Server Base
v Tivoli Identity Manager ~qw
v ;vq IBM HTTP Server M WebSphere Web ~qwe~D HTTP ~qw#PX
WebSphere Web ~qwe~Dy>(e,kNDZ 3 3D:WebSphere Application
Server uo;#PXdC WebSphere Web ~qwe~D|`E",kNDZ 117 3
D:dC HTTP ~qwD8C=(;#
< 1. ;(omFczOD%;~qwdC
4 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
r_,zIZ;(omFczO20 WebSphere Application Server Base M Tivoli
Identity Manager ~qwD5},;sZ;(r`(d|FczO20yPd|h*D&
CLr#
":PXZQ20K WebSphere Application Server D,;(FczO20 IBM Directory
Server V5.1 yhDd|V/dC=h,kNDZ 27 3D:Z,;(FczO9C
V5.1 M WebSphere Application Server;#
20P Tivoli Identity Manager ~qwDFcz_PTB*s:
v WebSphere Application Server Base
v JDBC }/Lr(}]bM'z)
=SFcz_PTB*s:
v ;vCZf"BqE"D}]b
v ;v?<~qw
v ;vq IBM HTTP Server M WebSphere Web ~qwe~D HTTP ~qw#
PX|`E",kNDZ 31 3DZ 5 B, :%;~qw20:Tivoli Identity Manager
~qw;#
Tivoli Identity Manager :/dC
Tivoli Identity Manager :/dC45wTBZ].;:
v Z 6 3D:%;:/dC;
v Z 7 3D:&\:/dC;
PXdC:/D|`E",kNDZ 63 3D:9C xg?p\mw4(:/;#PX
"Pf6pM^)|f6DE",kNDZ 99 3D=< B, :kT UNIX Dm~M2
~*s;#
< 2. `(omFczOD%;~qwdC
Z 2 B dCEv 5
":
1. TBe<P,?;rMzm;(omFczOD;v WebSphere Zc#(i;(F
czOv(";vZc#
2. g{ZQ20K WebSphere Application Server D,;FczO20 IBM Directory
Server V5.1,kNDZ 27 3D:Z,;(FczO9C V5.1 M WebSphere
Application Server;,TKbyhDd|V/dC=h#
Tivoli Identity Manager ~qwc
Tivoli Identity Manager ~qwa)DcG&\D;vS/,ng&mC'gfn/D&
\r&m$wwn/D&\#Tivoli Identity Manager ~qwIw*`c~qw420,
Sx9zZ&\:/dCP+?ca)D&\Vd=;,D:/#
Tivoli Identity Manager ~qwa)TBwc:
C'gf(UI)a)C'gf&m&\,|(I9wV;,C'&m Tivoli Identity Manager ~
qwya)D&\DwVT0Mm%#PXC'gfDE",kND Tivoli
Identity Manager Policy and Organization Administration Guide#
$ww(WF)
a)$ww&m&\#
$wwGz<"\xr"Mks*sjID}L#PX$ww&mDE",k
ND Tivoli Identity Manager Policy and Organization Administration Guide#
20!n|(TBZ]:
v %;~qw
v %;:/r&\:/:Z%;:/20}LP,=cy20Z:/I1D?v&C
Lr~qwO#?;:/I1D&\H,k Tivoli Identity Manager %;~qwD&
\#
Z&\:/P,C'gf(UI)c20Z;:/P,$ww(WF)c20Zm;:
/P#K=:/D[O&\H, Tivoli Identity Manager DyP&\#
%;:/dC
%;:/dC8(;i WebSphere &CLr~qw#Tivoli Identity Manager C'gf
cM$wwc<KPZ:/P?vZc`,D WebSphere Application Server O#Kd
CZ;(FczO8( xg?p\mw#`BD&CLrdCZd|FczO#
6 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
TBhvKKdC:
v Z20P xg?p\mwDFczO,20TBwn:
– WebSphere xg?p\mw
– JDBC }/Lr(}]bM'z)
v Z?(:/I1O,20TBwn:
– WebSphere Application Server
– Tivoli Identity Manager ~qw#ZKdCP20D Tivoli Identity Manager ~q
wa)iODC'gfM$wwc#
– JDBC }/Lr(}]bM'z)
v Z;(r`(;Z:/PD=SFczO,20TBwn:
– ;vCZf"BqE"D}]b
– ;v?<~qw
– ;vq IBM HTTP Server M WebSphere Web ~qwe~D HTTP ~qw#P
XK~qwD|`E",kND IBM HTTP Server a)DD5#PX WebSphere
Web ~qwe~Dy>(e,kNDZ 3 3D:WebSphere Application Server u
o;#PXdC WebSphere Web ~qwe~D|`E",kNDZ 117 3D:d
C HTTP ~qwD8C=(;#
&\:/dC
&\:/dC+ xg?p\mwECZ;(FczO#`BD&CLrZd|FczO
D;,:/PdC#Tivoli Identity Manager ~qw UI cZ;:/DZcOdC,WF
cZd|%@:/DZcOdC#
< 3. `(omFczOD%;:/dC
Z 2 B dCEv 7
TBhvKKdC:
v Z20P xg?p\mwDFczO,20TBwn:
– WebSphere xg?p\mw
– JDBC }/Lr(}]bM'z)
v Z?v:/D?vI1O,20TBwn:
– WebSphere Application Server
– Tivoli Identity Manager ~qw
ZC'gf:/P,Tivoli Identity Manager ~qwD5}va)C'gf&m#
Z$ww:/P,Tivoli Identity Manager ~qw5}va)$ww&m#
– JDBC }/Lr(}]bM'z)
v Z;(r`(;Z:/PD=SFczO,20TBwn:
– ;vCZf"BqE"D}]b
– ;v?<~qw
– IBM HTTP Server M WebSphere Web ~qwe~
Java {"~qMd|~qwxL
d|~qwxLKPZ WebSphere Application Server 73P,nga) WebSphere 6
k={"+]'VD Java {"~q(F* jmsserver xL,2F* JMS ~qw)#
< 4. &\:/dC
8 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":*9 Tivoli Identity Manager \kd|&CLr;;E"SxT{"N="MMS
U}],WebSphere 6k={"+]'VGXhD#XZ|`E",kNDhv
WebSphere 6k={"+]'Vr WebSphere MQ D WebSphere Application Server
D5#
9C Tivoli Identity Manager 1D WebSphere 73^F
*Z WebSphere 73PnP'X9C Tivoli Identity Manager,kqXTB^F:
v Tivoli Identity Manager Y(:/kYw53G,`D#*\b2+(EM$idC
=fDJb,(izZ Tivoli Identity Manager :/Z;*9C`VYw53#
v Z&\:/P,k;*SC'gf+:/I1k$ww:/ECZ,;FczO#
v g{Z,;FczPP WebSphere Application Server D`v5},rb)5}.;
D~qwEI\G Tivoli Identity Manager :/I1#
v WebSphere Application Server JmzZ,;FczO,120 xg?p\mwM:
/I1#k7#KFczPyhDZf]?"YHMzcnb0kDICUd#
Z 2 B dCEv 9
10 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z 3 B }]bdC
>BhvgNdCk Tivoli Identity Manager ~qw;p9CD}]b#PX\'VD
}]b"PfMXh9!D|`E",kNDZ 99 3D=< B, :kT UNIX Dm~
M2~*s;# PX IBM DB2 D|`E",kND
http://www.ibm.com/software/data/db2/udb/support.html ODICD5#
":
1. >BPhvD IBM DB2 hCGu=hC,h*ZKP1xPw{#
2. >B+ IBM DB2 KP1M'zF*`M 2 Java }]b,S}/Lr#ZsxB
ZP,CuoF* JDBC }/Lr#
>ZhvTBZ]:
v :IBM DB2 dC;
v Z 17 3D:Tivoli Identity Manager D Oracle 20MdC;
IBM DB2 dC
zXkT Administrator m]G<= IBM DB2 ~qw4jITB=h:
v :7#(EkdC~qw;
v Z 14 3D:dC IBM DB2 JDBC }/Lr;
7#(EkdC~qw
*<8 IBM DB2 ~qw,k4PTB=h:
v :7# TCP/IP (E;
v Z 12 3D:dC IBM DB2 ~qw;
7# TCP/IP (E
Zz*<0,k7O IBM DB2 ~qwOD TCP/IP (E#k4PTB=h:
":b)=hYhdCP9C`(Fcz,dP;(0P IBM DB2 ~qw#g{}]
bk IBM DB2 ~qwZ,;FczO,r;h*dC TCP/IP (E#
1. dk su - <db2InstanceName>
dP <db2InstanceName> G IBM DB2 5}yP_,ng db2inst1#
2. Z DB2 |n0ZPKPTB|n:
db2set -all DB2COMM
3. g{3 tcpip u?(m> TCP/IP (E)4Z db2set -allDB2COMM |n5XD
PmP,kKPTB|n,dP*|( tcpip MIC|na)DPmPy5XDy
Pd|5#
db2set DB2COMM=tcpip,<values_from_db2set_command>
}g,g{ db2set -all DB2COMM |nZPmP5XKng npipe M ipxspx D
5,k1zZ~NKP db2set |n1YN8(b)5:
© Copyright IBM Corp. 2003 11
db2set DB2COMM=tcpip,npipe,ipxspx
dC IBM DB2 ~qw
*dC~qw,k4PTB=h:
":g{ IBM DB2 ~qwZ AIX O,k7#zQZ20K Tivoli Identity Manager
~qwDFczO+ EXTSHM hC* ON#+ EXTSHM hC* ON +vS%
xLI=SD2mZfN}?#EXTSHM XkZt/KM'z&CLrD shell P
RKP db2start D shell P<v#PXhCM'zDKd?D|`E",kND
Z 14 3D:dC IBM DB2 JDBC }/Lr;#
Zt/ IBM DB2 ~qw.0,kdkTB|ndC`v JDBC ,SD EXTSHM
73d?:
export EXTSHM=ONdb2set DB2ENVLIST=EXTSHMdb2set -all
mb,Z sqllib/db2profile D~PSkTBwP:
EXTSHM=ONexport EXTSHM
1. * Tivoli Identity Manager 4(;v{FHg* itimdb D}]b,"4(;v{
F* enrolebp D:eX#
":zITT}]b{F8(Nb{F#:eXD{FXk* enrolebp#
a. dk su - <db2InstanceName>
dP <db2InstanceName> G IBM DB2 5}yP_,ng db2inst1#
b. Z|n0ZP,4Pb)|n4(}]b:
db2 create db itimdb using codeset UTF-8 territory USdb2 update db cfg for itimdb using applheapsz heapvaluedb2 update db cfg for itimdb using app_ctl_heap_sz 512
dP heapvalue GT'VZ*%;zm 4K 3}?D{},ng 1024#
":<G=d|&CLrTZfDhs,k+ applheapsz hC*|FZ0P}]
bDFczPD5JZf5.;kD5#
c. *5}dC~q{,TcCJ6L JDBC }/Lr#}g,dkTBZ]:
db2 update dbm cfg using svcename <service_name>
dP <service_name> G;vng DB2_db2inst1 D5#
d. k7#rTBD~mSOJD~q{F:
v UNIX:/etc/services
v Windows:%SYSTEMROOT%\system32\drivers\etc\services
}g,dkTBZ]:
db2 get dbm cfg
5IkTB5`F:
v DB2_db2inst1: 50000/tcp
v DB2_db2inst1i: 50001/tcp
12 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
53+*szdkk~q{FT&DKZE#
e. dkTB|n7O,S#g{,SI&,+5XTB}]b,SE":
db2 connect to itimdb
f. 4(:eX:
db2 create bufferpool enrolebp size -1 pagesize 32k
2. k7#QChC DB2_RR_TO_RS=YES r*0IX4A1tT#k4PTB=h:
a. dkTB|n:
db2set -all
b. liX&T7# DB2_RR_TO_RS=YES fZ#
c. g{4R=Cu?,kdkTB|n+5hC* YES:
db2set DB2_RR_TO_RS=YES
d. XBdkTB|nTi$ChCVZGqQfZ:
db2set -all
3. XBt/ IBM DB2#
db2stop# (Note: Do a "db2 force application all" if entering db2stop fails)db2start
Z IBM DB2 ~qwO4({F* enrole DC'
Z IBM DB2 ~qwO,4({F* enrole DC'#k4PTB=h:
v Z AIX O,T root m]4PTB=h:
1. 9C smit r smitty t/53\m$_#
2. !q2+TkC' –> C' –> mSC'#
3. Z0C'{1VNP,dk enrole#
4. 4 Enter |4(C'"5X=0C'1A;#
5. !q|DC'\k#
6. a>dkC'{1,dkz(eD5,ng enrole#zVZQx enrole C'j6
8(K enrole \k#
7. Za>|DC'\k1,kdkzT0*}]bC'(eD\k#
8. Kv53\m$_#
9. bTC'CJ(#(} Telnet ==CJ IBM DB2 ~qwKPyZDFcz#k
7#zICBDC'j6G<";a*szXh\k#
v Z Solaris O,kT root m]4PTB=h:
1. t/ admintool#
2. ZNq8P%w/@ –> C'#
3. %w`- –> mS#
4. Z0mSC'1T0rD0C'{1VNP,dk enrole#Z0\k!q1K%
O,!q}#\k#
5. Z0hCC'\k1T0rP,dk\k"xPi$#%w7(#
6. +0w?<1VNPD76hC*ng /export/home/enrole D76#%w7(#
7. ZNq8O%wD~ –> KvxKv#
Z 3 B }]bdC 13
8. bTC'CJ(#(} Telnet ==CJ IBM DB2 ~qwKPyZDFcz#k
7#zICBDC'j6G<"^hXh\k#
v Z Windows 2000 O,T Administrator m]4PTB=h:
1. (}%w*< –> hC –> XFfe –> \m$_ –> Fcz\mCJFcz\
m$_#
2. %w>XC'Mi –> C'#
":enrole C';hmS=NNiP#
3. !qYw –> BC'#
4. Z0C'{1VNP,dk enrole#
5. Z0\k1VNP,dk}]bC'D\k#
6. e}C'ZBNG<1Xk|D\k!n#
7. !P\k@;}Z4!r#
8. %w4(#
Z:/PD?(FczO4({F* enrole DC'
Z+I* Tivoli Identity Manager :/.;?VD?(FczO4({F* enrole D
C'#KC';hXbX(#k7#ZBNG<1^h^D\k,R\k@;}Z#
dC IBM DB2 JDBC }/Lr
IBM DB2 h*9C`M 2 Java }]b,S}/Lr(JDBC }/Lr)w*}]bM
'z#C JDBC }/LrCZ+yZ Java D&CLr,S=KPZ,;FczrKP
Z6LzwD IBM DB2 }]b#Z Tivoli Identity Manager :/?pP,JDBC }/
Lr9yP Tivoli Identity Manager ~qw\k}]4(E"2mE"#PX|`E",
kND IBM DB2 D5#
":
1. IBM DB2 z720D JDBC }/LrF* IBM DB2 KP1M'z#
2. *7#}]b,S}7ME= Intel =(,k9C TCP WSV#;*9C|{\@
w* IBM DB2 M'zOD,S=(#|{\@=(T,S}?P^F,a}p
Tivoli Identity Manager }]bms#
Yh?jFczO420 IBM DB2,rzXkZTB?jzwO20MdC JDBC }
/LrT0XhD^)|#PX|`E",kNDZ 99 3D=< B, :kT UNIX D
m~M2~*s;#
v 0Pxg?p\mwDFcz
v z#{20 Tivoli Identity Manager ~qwD?v:/I1
v Z0P%;~qwDFczO(dP IBM DB2 G6LD}]b)#
Z?v?jzwO,k4PTB=h:
1. 20"dC JDBC }/LrMXhD^)|#
":
1. vkT AIX:g{ JDBC }/LrZ AIX O,k7#z9*+73d?
EXTSHM hC* ON#
Z AIX Ot/ WebSphere Application Server .0,ZM'za0PdkTB
|n:
14 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
export EXTSHM=ON
2. zIT+ export EXTSHM=ON mS= IBM DB2 E*D~P#1E*D~D~;
R=1,73d?+;hC#
2. k7#zQ9CP' db2InstanceHome ?<R= IBM DB2 E*D~#1!hC*:
v AIX:/home/db2inst1
v Solaris:/export/home/db2inst1
*R=E*D~,kZ IBM DB2 |n0ZPdkTB|n:
./db2InstanceHome/sqllib/db2profile
*i$zQI&XR= IBM DB2 E*D~,kdkTB|n:
set | grep db2
a{T>`FZTBZ]:
CLASSPATH=/home/db2inst1...DB2DIR=/usr/lpp/db2_07_01DB2INSTANCE=db2inst1
3. (}I!TB=hT}]b`F?<:
a. r* IBM DB2 |n0Z#
dk su - <db2InstanceName> dP <db2InstanceName> G IBM DB2 5}y
P_,ng db2inst1#
b. ZM'zOD|n0ZP,Z;PP4PK|n:
db2 catalog tcpip node db2node_hostname remote db2server_hostnameserver service-name|portnumber
dP:
node db2node_hostname
+;`?DZcD>Xp{#|G}]b$tDFczDwz{#KC
'(eD5zmZ? IBM DB2 Zc{#
remote db2server_hostname
IBM DB2 $tDZcDwz{#wz{G TCP/IP xgQ*DZcD{
F#}g,{F* db2server2host#
server service-name|portnumber
8(~qw}]b\mw5}D~q{FrKZE#IBM DB2 KZED
1 ! 5 * 5 0 0 0 0 # k Z I B M D B 2 ~ q w $ t D F c z P D
/etc/services D~PR=10KZE#M'zk~qwODKZEXk
`%d#g;vKZEQ;8(,rZ>X TCP/IP servicesD~P^h
8(~q{F#
c. dkTB|n`F}]b?<:
db2 catalog database itimdb as itimdb at node db2node_hostname
4. *bT`?GqI&,kdkTB|n:
db2 connect to itimdb
Z 3 B }]bdC 15
* JDBC `M 2 }/LrdC IBM DB2 V7.1 M V7.2
":IBM DB2 Fix Pack 3 a9 IBM DB2 V7.1 (F= V7.2#PX10XhD^)|
D|`E",kNDZ 99 3D=< B, :kT UNIX Dm~M2~*s;#
TZ IBM DB2 V7.1 M V7.2,zXkV/dC JDBC `M 2 }/Lr#kZ IBM
DB2 ~qwO4PTB=h:
1. k7#zQT IBM DB2 Administrator m]G<#
2. 4TB=hdC IBM DB2 T9C JDBC `M 2 }/Lr:
a. dk su - <db2InstanceName>
dP <db2InstanceName> G IBM DB2 5}yP_#
b. (}dkTB|n#9yP IBM DB2 ~q:
db2 force applications alldb2stopdb2admin stop
c. t/ Windows |na>{"KP . /<IBM DB2 install
directory>/java12/usejdbc2
dP <IBM DB2 install directory> f;*z20 IBM DB2 D?<#
":k7#z9C0. 1(;v0Ccsz;vUq)f6wC usejdbc2 |n,
by CLASSPATH 73d?Dd/+0l10 shell#1zwC usejdbc2|n1!TKXhD0. 1(;vcsz;vUq)GmsD#
}g,Z AIX O,dk:
. /usr/lpp/db2_07_01/java12/usejdbc2
mki$TBD~Z UNIX D CLASSPATH P:
/home/db2inst1/sqllib/java12/db2java.zip
d. kdkTB|n:
su - <db2InstanceName>db2startdb2admin start
3. kli CLASSPATH 73d?T7#`M 2 }/Lr}Z9CP#
Z?v:/I1FczOR= IBM DB2 E*D~
Z AIX M Solaris O,zXkZ?(:/I1FczOR= IBM DB2 E*D~T7
# Tivoli Identity Manager Ik}]b(E#
Z?(:/I1FczO,k4PTB=h:
1. +TBPmS= root C'D .profile P#b+7#?NZct/1,IBM DB2 E
*D~;T/R=#}g,g{zD1!G< shell LrG ksh,kdkTB|n:
. <db2instance_dir>/sqllib/db2profile
":K=h!vZzD1!G< shell Lr#*zD shell 9COJDrP#
2. "z"G<rt/;vBD shell#
3. 7#73d? DB2INSTANCE Q(e#*K,kdkTB|n:
echo $DB2INSTANCE
16 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
4. XBt/ZczmLr#
>}:)9 DB2 D5
TBG* IBM DB2 hC|s5D;v}S:
db2 update database configuration for itimdb using dbheap 1200db2 update database configuration for itimdb using applheapsz 2048db2 update database configuration for itimdb using maxappls 60db2 update database configuration for itimdb using app_ctl_heap_sz 1024db2 alter bufferpool ibmdefaultbp size 14750db2 alter bufferpool enrolebp size 13240
g{ applheapsz D5+!,10ks?DC'1,I\a"zZf;;Dms#}g,
U>D~I\|,TBod:
^c;ICDf"?4&m sql od#
*a)nbDf"Ud,k+ IBM DB2 &CLrQs!|D*;v|sD5#
su - db2inst1db2 force applications alldb2stopdb2 terminatedb2 update db cfg for itimdb using applheapsz 2048db2start
":Z Windows O,r*;v db2cmd 0Zdk|n#
Tivoli Identity Manager D Oracle 20MdC
>ZhvZ Tivoli Identity Manager r\Z20 Oracle D200}LM20sdC=
h#
ZyPivB,*Kbj{E",kND Oracle 8i Installation Guide#
":20 Oracle 1,zXk+ JServer !nw*20D;?V|,ZZ#g{!qd
M Oracle 20,r JServer +|,ZZ#g{!q4PT(e Oracle 20,k7
#!q JServer w*20!n#
Z AIX O<820 OracleZ AIX 53P20 Oracle .0,kjITB}L:
1. T root m]G<= AIX 53#
2. 7# AIX 5320KTBD~/:
v bos.adt.base
v bos.adt.libm
Oracle z720k>Xb4SE\4( Oracle I4PD~#;PD~/,4S+
'\"R Oracle ^(20r}#KP#zITS AIX *"_$_d CD 20b
)D~/#
3. i$zD53zcr,}TB?<DICELUd*s:
v /usr:3 GB
v /var:300 MB
v /tmp:2 GB
Z 3 B }]bdC 17
TZ AIX,1! Oracle 20?<* /usr#
":
1. *7(ELUdDICT,kdkTB|n:
df - Ivk
dv5T 1024 vVZ*%;#
2. *9C SMIT r SMITTY |D /usr r /var ?<Ds!,k/@TB0Z:
53f"\m –> D~53 –> mS/|D/T>/>}D~53 –> U>D
~53 –> |D/T>U>D~53DXw –> /usr –> D~53Ds!(T
512 vVZDi*%;)#
4. g{ CD-ROM D~53P;fZ,k9C SMITTY 5CLr4(;v:
a. SXF(r|nPdk $ mkdir /cdrom#
b. SXF(r|nPdk $ smitty crcdrfs#
K1+T>TBK%:
mS CDROM D~53ZdkVNPdkr!q5#ZwKyPZ{D|Ds4 Enter |#
[dkVN]* h8{ +* 20c []Z53XBt/1T/20p? q +
c. (}4 F4"!q}/w"4 Enter |!q;v CD-ROM }/w#
d. YNcw Enter |,4(D~53#4(|njI1,4 F10 Kv SMITTY#
e. 9CTB|n20 cdrom ?<:
mount /cdrom
5. 4(T Oracle }]b9CD20c:
$ mkdir /u01$ mkdir /u02
6. hC20cDmI(,9C Oracle C'J'\Z20}LP4k|G:
$ chmod 777 /u01$ chmod 777 /u02
7. 9C SMIT 4(=vi;;v{* dba DC'iM;v{* oper DC'i#
8. 9C SMIT 4({* oracle DBC'# *BDC'J'jITB=h#
a. +J'DwihC*z4(D dba i#
b. hCJ'Dw?<* /home/oracle#
c. hCG< shell Lr(u<Lr)* /bin/sh#
Oracle J'+KPC20Lr#KJ'XkvCZ20M,$ Oracle#
9. li /usr/lbin D~76fZ"|,Z Oracle C'J'D PATH P#(}`-
/home/oracle/.profile IThCK76#
10. (}4P CD D orainst ?<PD oratab.sh E>I4( oratab D~#
$ ./oratab.sh
11. w* oracle C'G<=53:
$ su - oracle
12. i4 oracle J'D umask hC#
18 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
$ umask
umask &ChC* 022#g{J'D umask ;PhC* 022,kCTB|nxP
hC:
$ umask 022
13. `- .profile "mSTB73d?hC:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMELIBPATH=$ORACLE_HOME/lib; export LIBPATHLD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib; export LD_LIBRARY_PATHORACLE_SID=or1; export ORACLE_SIDORACLE_TERM=vt100; export ORACLE_TERM
7# oracle C'D PATH |, $ORACLE_HOME/bin"/bin M /usr/bin#g{;
|,,r+|GmS= .profile#
14. 9CTB|nR=E*D~:
$ . ./.profile
15. KP rootpre.sh,9zw<8S /cdrom xP20:
$ ./rootpre.sh
VZzQ<8Mw,IT*<20 Oracle K#
<8Z Solaris O20 OracleZ Solaris 53P20 Oracle .0,kjITB}L:
1. T root m]G<= Solaris 53#
2. 7#*53hCDZKN}zcr,}20yhD5#XZ|`DE",kND
Oracle 8i Installation Guide#
3. 4(T Oracle }]b9CD20c:
$ mkdir /u01$ mkdir /u02
4. 9CTB|nSXF(t/ admintool 5CLr:
# admintool
5. Z Admintool 0ZP,%w/@ –> i# K1,0Admintool:i10Z+r*#
6. Z0Admintool:i10ZP,%w`- –> mS# K1,0Admintool:mSi1
0Z+r*#
7. 4(=vi,;vC'i{* dba,m;vC'i{* oinstall#
8. Z0Admintool:i10ZP,%w/@ –> C'# K1,0Admintool:C'10
Z+r*#
9. 9C admintool 4({* oracle DBC'#*BDC'J'jITB=h#
a. +J'DwihC*z4(D oinstall i#
b. +J'D(zihC*z4(D dba i#
c. 7#!q04(w?<1VNT_D%!4%#Z0761VNP,dk
/export/home/oracle w*C' oracle Dw?<#
d. +G< Shell LrhC* /bin/sh#
Oracle 20LrXkZKJ'BKP#KJ'+vCZ20M,$ Oracle#
10. w* oracle C'G<=53:
Z 3 B }]bdC 19
# su - oracle
i4 oracle J'D umask hC#
$ umask
umask &ChC* 022#g{J'D umask ;PhC* 022,kCTB|nxP
hC:
$ umask 022
mk^D .profile,Tc43|D#
11. * oracle J'mSTBwP= /export/home/oracle/.profile#
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMEORACLE_SID=or1; export ORACLE_SIDORACLE_DOC=$ORACLE_HOME/doc; export ORACLE_DOCORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data; export ORA_NLS33PATH=$ORACLE_HOME/bin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:.
g{ZQw76Ph* /usr/ucb,k7#+|PZ PATH hCPD /usr/ccs/bin
.s#
12. 9CTB|nR=E*D~:
$ . ./.profile
VZzQ<8Mw,IT*<20 Oracle K#kND`&D Oracle D5"20m~#
I&20s,k5XA>ZPDdC8>E"#
<8Z Windows P20 OracleZ Windows 53P20 Oracle .0,kjITB}L:
1. i$zD53zcr,} Oracle 8i Installation Guide PkTz*4PD20`M
yPD53*s#
2. Tz+Z20P9CD\m1J'G<= Windows 53#
VZzQ<8Mw,IT*<20 Oracle K#
Z20sdC Oracle*KdC Oracle,9.Z Tivoli Identity Manager r\P9C,zXkjItI20s
Nq#
1. i$ init.ora D~PfZTBwP:
compatible=8.1.0
2. 4(CZ Tivoli Identity Manager D}]b#
TBGICZ4(}]bD SQL E>y>#z&|DE>PD5,9.{OzD>
chs#
-- Create databaseCREATE DATABASE sample
CONTROLFILE REUSELOGFILE ’/u01/oracle/sample/redo01.log’ SIZE 1M REUSE,
’/u01/oracle/sample/redo02.log’ SIZE 1M REUSE,’/u01/oracle/sample/redo03.log’ SIZE 1M REUSE,’/u01/oracle/sample/redo04.log’ SIZE 1M REUSE
DATAFILE ’/u01/oracle/sample/system01.dbf’ SIZE 10M REUSEAUTOEXTEND ONNEXT 10M MAXSIZE 200M
CHARACTER SET UTF8;
20 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
-- Create another (temporary) system tablespaceCREATE ROLLBACK SEGMENT rb_temp STORAGE (INITIAL 100 k NEXT 250 k);
-- Alter temporary system tablespace online before proceedingALTER ROLLBACK SEGMENT rb_temp ONLINE;
-- Create additional tablespaces ...-- RBS: For rollback segments-- USERs: Create user sets this as the default tablespace-- TEMP: Create user sets this as the temporary tablespaceCREATE TABLESPACE rbs
DATAFILE ’/u01/oracle/sample/sample.dbf’ SIZE 5M REUSE AUTOEXTEND ONNEXT 5M MAXSIZE 150M;
CREATE TABLESPACE usersDATAFILE ’/u01/oracle/sample/users01.dbf’ SIZE 3M REUSE AUTOEXTEND ON
NEXT 5M MAXSIZE 150M;CREATE TABLESPACE temp
DATAFILE ’/u01/oracle/sample/temp01.dbf’ SIZE 2M REUSE AUTOEXTEND ONNEXT 5M MAXSIZE 150M;
-- Create rollback segments.CREATE ROLLBACK SEGMENT rb1 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb2 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb3 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb4 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;
-- Bring new rollback segments online and drop the temporary system oneALTER ROLLBACK SEGMENT rb1 ONLINE;ALTER ROLLBACK SEGMENT rb2 ONLINE;ALTER ROLLBACK SEGMENT rb3 ONLINE;ALTER ROLLBACK SEGMENT rb4 ONLINE;
ALTER ROLLBACK SEGMENT rb_temp OFFLINE;DROP ROLLBACK SEGMENT rb_temp ;
3. (}`-D~ $ORACLE_HOME/dbs/init.ora PD PROCESSES N}IT+ Oracle
,SD1!5S 50 vS= 150#
":Oracle ,S*sy];,s5aP\sD;,#ky]zD73hC,S5#
4. 9C alter sql |nIT+ Oracle DmUdS1!5vS=I9CDns?#
SQL> alter database datafile ’<location of DBF file>\ENROLE1_DATA_001.DBF’ resize 500mSQL> alter database datafile ’<Oracle db location of DBF file>\ENROLE1_IDX_001.DBF’resize 500m
5. t/ Oracle:
# su - oracle# svrmgrl> connect internal> startup> quit
6. t/ Oracle l}w~q:
# su - oracle# Insrctl start
Z 3 B }]bdC 21
22 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z 4 B ?<~qwdC
>BhvgNdC?<~qw#b)=hyZby;vYh,4z.0Q-20K?
<~qw"<8dC) Tivoli Identity Manager 9CD?<~qw#
":
1. IBM Directory Server V5.1 I20;v IBM DB2 5}#k7#;*20=v IBM
DB2 5}#PX|`E",kND http://www.ibm.com/software/network/directory O
D IBM Directory Server D5#PX\'VD?<~qwD|`E",kNDZ 99
3D=< B, :kT UNIX Dm~M2~*s;#
2. g.020K IBM Directory Server V5.1,dPI\aP;v4"aD WebSphere
– Express 5},Sx<B1ZDKZe;#PX|`E",kNDZ 27 3D:Z,
;(FczO9C V5.1 M WebSphere Application Server;#
k!qN<TBZ].;:
v :IBM Directory Server dC;
v Z 28 3D:Sun ONE Directory Server dC;
IBM Directory Server dC
>ZhvgNdC IBM Directory Server#
TB=h}CKb)d?:
dirserver_installdir
20 IBM Directory Server D?<#}g:
v AIX:/usr/ldap/
v Solaris:
– IBM Directory Server V4.1:/opt/IBMldapc/
– IBM Directory Server V5.1:/opt/ldap/
v Windows:c:\Program Files\IBM\ldap
cd_installdir
CD OD?<#*kTzD73R=}7D CD,kNDZ 93 3D=< A, :b
L;PD CD 1 hv#
versionspecific_slapd
v IBM Directory Server V4.1 9C slapd w*|n,"T slapd32.conf w
*D~#
v IBM Directory Server V5.1 9C ibmslapd w*|n,"T ibmslapd.conf
w*D~#
my_suffix
z* Tivoli Identity Manager s:(eDNb5,ng com#
*dC IBM Directory Server,kjITB=h:
1. Z 24 3D:* Tivoli Identity Manager 8(s:;
© Copyright IBM Corp. 2003 23
2. :* Tivoli Identity Manager dC}Cj{Te~;
3. Z 25 3D:XBt/?<~qw;
4. Z 26 3D:4( LDAP s:Ts;
* Tivoli Identity Manager 8(s:
** Tivoli Identity Manager 8(s:,kG<= IBM Directory Server 53"4P
TB=h:
1. Z`- versionspecific_slapd.conf D~.0k#9 IBM Directory Server#Zu</
}LP IBM Directory Server +A!CD~,"Z IBM Directory Server U91f
;CD~#
2. `-TBD~:
v UNIX:<dirserver_installdir>/etc/versionspecific_slapd.conf
v Windows:<dirserver_installdir>\etc\versionspecific_slapd.conf
3. R=gBP:ibm-slapdSuffix: cn=localhost
4. ZCPBmSgBP:ibm-slapdSuffix: dc=my_suffix
dP my_suffix Gz* Tivoli Identity Manager (eDs:5#
5. PXdCDB;v=h,kND:* Tivoli Identity Manager dC}Cj{Te
~;#
* Tivoli Identity Manager dC}Cj{Te~
zITZ20 Tivoli Identity Manager .0r.sdC}Cj{Te~#
*iRJCZzD73DD~,kQwZ 93 3D=< A, :bL;PyvD CD 2 #
kR=TB?<:
v AIX:DelRef/aix/
v SUN:DelRef/sun/
v Windows:DelRef\nt\
kR=`&D~:
v libdelref
Tivoli Identity Manager D}Cj{Te~bD~
v timdelref
Tivoli Identity Manager dCD~
":Z UNIX O,k7#e~bD~(libdelref )DD~mI(hC* -r-xr-xr-x#
*dC}Cj{Te~,k4PTB=h:
1. S CD 2 P4FTB Tivoli Identity Manager e~bD~:
v AIX:libdelref.a
v Solaris:libdelref.so
v Windows:libdelref.dll
=TB?<~qw?<P:
v UNIX:<dirserver_installdir>/lib
24 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
v Windows:<dirserver_installdir>\bin
2. SOJD CD ?<4F{F* timdelref.conf D Tivoli Identity Manager dCD
~=TB?<~qw?<P:
v UNIX:<dirserver_installdir>/etc
v Windows:<dirserver_installdir>\etc
3. ^DTB?<~qwD~:
v UNIX:<dirserver_installdir>/etc/versionspecific_slapd.conf
v Windows:<dirserver_installdir>\etc\versionspecific_slapd.conf
4PTB=h:
a. ZCD~PQwKP:
ibm-slapdPlugin: database path_to_rdbmfilename rdbm_backend_init
dP path_to_rdbmfilename D5*:
v AIX:/lib/libback-rdbm.a
v Solaris:/lib/libback-rdbm.so
v Windows:/bin/libback-rdbm.dll
b. ZtSOvP.sD;PPmSTBZ]:
v AIX:
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.a DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
v Solaris:
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.so DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
v Windows:
ibm-slapdPlugin: preoperation "<dirserver_installdir>/bin/libdelref.dll"DeleteReferenceInit file="<dirserver_installdir>\etc\timdelref.conf"dn=dc=my_suffix
":*8( Windows P timdelref.dll M timdelref.conf D~D76,k
7#z+5CZ;T+}E.d#mb,kC}1\8( timdelref.dll
D~D76#
4. XBt/?<~qw#PX|`E",kND:XBt/?<~qw;#
XBt/?<~qw
*#9"XBt/ IBM Directory Server,k4PTB=h:
v Windows:dkTB|n:
net stop "IBM Directory Server version"net start "IBM Directory Server version"
dP version GTB IBM Directory Server f>.;:
– V4.1
– V5.1
r_,4PTB=h:
Z 4 B ?<~qwdC 25
1. %w*< –> hC –> XFfe –> \m$_ –> ~q#
2. R|%w0IBM Directory Server f>1#
3. Z/vK%P,%w#9;s%wt/#
4. 7(}Cj{Te~GqQXBdC#Z D~PiRkTB{"`FD{":
PREOPERATION `MDe~QS c:/Program Files/IBM/ldap/bin/libdelref.dll PI&0k
v UNIX:
1. kdkTB|n:
ps -ef | grep versionspecific_slapd
2. k"bZOv|na{P5XDxLj6(PID)}V#
3. dkTB|naxCxL:kill <PID>
dP <PID> f;*.05XD PID 5#
4. (}X4 ps -ef | grep versionspecific_slapd |n1AxL;Pk|na
{47#CxLQax#
5. XBt/?<~qw,T7#BhCz'#dkTB|n:
versionspecific_slapd
6 . 7 ( } C j { T e ~ G q Q X B d C # Z
dirserver_installdir/var/ldap/versionspecific_slapd .log D~PiRkT
B{"`FD{":
PREOPERATION `MDe~QS /usr/ldap/lib/libdelref.a I&0k
4( LDAP s:Ts
Z* Tivoli Identity Manager 4( LDAP s:Ts.0,zXk8(s:"XBt/
?<~qw#
*4( LDAP s:Ts,k4PTB=h:
v |nP:4(;vkTBZ]`FD LDIF D~,ng suffix.ldif:
dn: dc=my_suffixdc: my_suffixobjectclass: topobjectclass: domain
9C ldapadd |nmSs:#}g,Z;PPdkTBZ]:
<dirserver_installdir>/bin/ldapadd -i <full_path_to_suffix.ldif> -D <ldap_admin>-w <ldap_admin_password>
v LDAP \mXF(:(}+Ts`D5hC*r4(s:Ts#k9CTB.;:
– IBM Directory Server V4.1:?<\m$_
– IBM Directory Server V5.1:\mXF(
}g,4TB=h9C IBM Directory Server V5.1 Web \mXF(:
1. %w?<\m –> mSu?#
2. !qrw*0a9TTs`1#%wB;=#
3. ;*mS0(zTs`1#%wB;=#
4. TZ0`T DN1,mS dc=my_suffix#
5. TZ0XhtT1,mS my_suffix#
26 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
6. %wjI#
7. %w?<\m –> \mu?#
s: dc=my_suffix &CMrDTs`;pPv#
Z,;(FczO9C V5.1 M WebSphere Application Serverg{.0 IBM Directory Server V5.1 QfZ,d20I\|(K WebSphere – Express,
xs_I\4Z?j53P"a#
gz9C Tivoli Identity Manager Z,;(FczO20 WebSphere Application Server,
20}L;alb WebSphere – Express 5}#WebSphere – Express M WebSphere
Application Server +:y,;vKZ/#Z20 Tivoli Identity Manager M WebSphere
Application Server .0,z&Ce}k WebSphere – Express DyP1ZKZe;#
WebSphere Application Server 9CTB1!KZhC:
v HTTP +d(KZ 1):9080
v HTTP +d(SSL,KZ 2):9443
v HTTP +d(KZ 3):9090
v HTTP +d(KZ 4):9043
v Bootstrap/rmi KZ:2809
v r%TsCJ-i(SOAP),SwKZ:8880
9CD>`-w+ WebSphere – Express 9CD?v1!KZ|D*;v49CDKZ#
}g,4PTB=h:
v ZTBD~P^D?v HTTP +dKZE:
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\servers\server1\server.xmldirserver_installdir\appsrv\config\cells\DefaultNode\virtualhosts.xml
C49CDKZEf;TB HTTP +dKZE:
– 9080
– 9443
– 9090
– 9043
v Bootstrap/rmi KZ:2809
R=|,KZE 2809 DP"C;v49CDKZEf;CKZE#CPZTBD~
P:
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\serverindex.xml
v SOAP ,SwKZ:8880
R=|,KZE 8880 DP"C;v49CDKZEf;CKZE#CPZTBD~
P:
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\serverindex.xml
Z 4 B ?<~qwdC 27
Sun ONE Directory Server dC
":ZTBodP,my_suffix Gz* Tivoli Identity Manager (eDNNs:5,n
g com#
*dC Sun ONE Directory Server,kjITB=h:
1. t/ iPlanet XF(#
K1+T> iPlanet XF(G<T00Z#
2. i$\m URL DKZE,dkzD\k"%w7(#
3. *rXF(wPD0?<~qw1"%wr*#
4. !q0dC1!n(#
5. R|%w0dC1!n(P?<~qwwD}]"%wB(ys:#
K1+T>04(BDys:1T00Z#
6. Z04(BDys:1T00D0Bs:1D>VNPdk dc=my_suffix#
7. Z0}]b{F1D>VNPdkZ{D}]b{F#
}g,dkTBZ]:
itimdb
8. g{T/4(X*}]b4!r4;!P,k!q|"%w7(#
K1+T>0h*7O1T00Z#
9. Z0h*7O1T00Z,%wG#
K1+YNvV?<~qwXF(#
10. !q0?<1!n(#
11. R|%w?<~qwwPD?<~qw{F#
K1+T>;v/vK%#
12. !q/vK%D0ByTs1BD dc=my_suffix#
K1+T>0BTs1T00Z#
13. !qr"%w7(#
K1+T> dc=my_suffix D0tT`-w1T00Z#
14. Z0tT`-w1T00ZP%w7(#
K1+YNvV?<~qwXF(#
15. !qNq!n("%wXBt/?<~qw#
K1,Sun ONE Directory Server QhCCK#
16. (}jITB}L,vS Tivoli Identity Manager ~qwDICZf_Y:f:
a. r*?<~qwXF("%wdC!n(#
b. Z?<wP9*0}]1Zc"%w}]bhC!n(#
c. %w LDBM e~hC!n(#
d. yZ2~DomZf,+0ns_Y:fs!1hCh*;vOJD5#
g{ Sun ONE Directory Server G@"20D,r(i+K5hC*53IC
ZfD 75%#
e. %w#f#
f. 9* Tivoli Identity Manager &CLrZc#
28 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
}g,bITG dc=com#
g. !q Tivoli Identity Manager &CLrZcPD}]bTs,"%w}]bh
C!n(#
h. yZ2~DomZf,+0ICZ_Y:fDZf1hCh*;vOJD5#
g{ Tivoli Identity Manager G9CK?<(;D&CLr,(i+K5hC
*0LDBM e~hC1!n(PyhCD0ns_Y:fs!1D 60%#
i. %w#f#
j. %wNq!n("XBt/?<~qw#
Z 4 B ?<~qwdC 29
30 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z 5 B %;~qw20:Tivoli Identity Manager ~qw
>BhvZ%;~qwdCB20MdC Tivoli Identity Manager ~qwDNq#
ZH0420 WebSphere Application Server Base DFczO,%;~qw20}L+
y]TBu~T/20TB&CLrM^)|:
v WebSphere Application Server Base
g{?j53P;fZTBNNLr,r+T/20 WebSphere Application Server Fix
Pack 2 kZ 99 3D=< B, :kT UNIX Dm~M2~*s;PPvD APAR#
– WebSphere Application Server V5.0 r|Mf>
– WebSphere Application Server xg?p
v IBM HTTP Server
g IBM HTTP Server ;fZ,rfZH 1.3.26 MDf>,r+20 IBM HTTP
Server#
v WebSphere 6k={"+]'V
v Tivoli Identity Manager ~qw
":g{Q-20K WebSphere Application Server 5.0,r Tivoli Identity Manager v
20 Tivoli Identity Manager ~qw#
PXX(&CLrf>M^)|DE",kNDZ 99 3D=< B, :kT UNIX Dm
~M2~*s;#
20Nq|,TB=h:
v :*<0;
v Z 37 3D:20 Tivoli Identity Manager ~qw;
*<0
Zz*<.0,k4PTB=h:
v g{ IBM DB2 G}]b,k9CP' db2InstanceHome ?<R= DB2 E*D~#
PX|`E",kNDZ 14 3D:dC IBM DB2 JDBC }/Lr;#
v k7#TB Tivoli Identity Manager X8m~}ZKP:
m 1. X8&CLr
X8m~ PX|`E",kND
}]b Z 11 3DZ 3 B, :}]bdC;
?<~qw Z 23 3DZ 4 B, :?<~qwdC;
v k7#QzcICELUd"ibZfMd|Ud*s#PX|`E",kNDZ
99 3D=< B, :kT UNIX Dm~M2~*s;#
v g{ Tivoli Identity Manager 20}L20K WebSphere Application Server,r?
j53XkzcZ 99 3D=< B, :kT UNIX Dm~M2~*s;MZ 103 3D
© Copyright IBM Corp. 2003 31
=< C, :<8 WebSphere 73;PhvD*s#PX WebSphere *sDd|E",
kND WebSphere Application Server a)DD5#
v k7#z5P}7D\m(^#g;P,kq!C(^"XBt/53T$n}7
D(^#
v g{H0Q20K WebSphere Application Server "R0WebSphere +V2+T1Q
r*,kZ20 Tivoli Identity Manager .sjIX*DV/=h#PXG)20s
=hD|`E",kNDZ 112 3D:20 Tivoli Identity Manager .s%Zc?p
DV/=h;# PX0+V2+T1D|`E",kND WebSphere Application
Server a)DD5#
v 7(?jFczO10GqfZTBLrD5},;sI!X*D|}Yw:
– WebSphere Application Server Base M Fix Pack 2 GqQfZ?
":
1. Z20 Tivoli Identity Manager .0r.s,zXk&CZ 99 3D=< B, :k
T UNIX Dm~M2~*s;PyvDXhD^)|kY1^)Lr#
2. 20Lr+lb WebSphere Application Server 5.0 T0 Fix Pack 2 GqQ
fZ#g{ WebSphere Application Server 5.0 fZ+ Fix Pack 2 ;fZ,
20}L+a>/f{",+;a20 Fix Pack 2#20}L9+lb
WebSphere Application Server xg?p Fix Pack 2#PX|`E",kND
Z 99 3D=< B, :kT UNIX Dm~M2~*s;#
– WebSphere 6k={"+]'VGqQfZ?g{ WebSphere Application Server
QfZZ?j53P,20}L;ali WebSphere 6k={"+]'VGq2
fZ#ZKivB,g{ WebSphere 6k={"+]'V;fZ,kYNKP
WebSphere Application Server 20Lr420 WebSphere 6k={"+]'V#
g{ WebSphere Fix Pack 2 Q&C= WebSphere Application Server Base P,
zXkKP,;^)|T&C WebSphere 6k={"+]'VD9!#
v ki$ WebSphere Application Server Bq~qhCc;s=\&mzD5qwLD
Tivoli Identity Manager :X#PX^Db)hCDj8E",kNDZ 110 3D:d
C WebSphere Application Server Bq~qhC;#g{z;^Db)hC,9.\
&mzD5qwL:X,rksZjI.0I\,1#
v g{FczO20P`vf>D WebSphere Application Server,k7#zQbvKy
PKZJb#PX|`E",kNDZ 33 3D:bvKZJb;#
v Z*20 Tivoli Identity Manager DFcz,hCT&ZzDoT73D5T7#\
6poTq=#
":ZUoP,7#'V`k=( Shift-JIS#g{b)54;hC,r+^(i4m
I$E"#k*oT73d?hCTB5:
– Solaris:LC_ALL=ja_JP.PKC
– AIX:LC_ALL=Ja_JP
v 7# WebSphere Application Server Fix Pack 2 2&CZQ20 Web ~qwDFc
z#Z20^)|0#9 Web ~qw#
":ZdCPI\PtI WebSphere Web e~,|(xP WebSphere Application
Server xg?pDFczOD WebSphere Web ~qwe~#
v jIdCDE"$wm#
32 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
bvKZJb
53I\"zTBKZJb:
v Z20 Tivoli Identity Manager .0,k7#QZTB;C* WebSphere 5.0 (e
K,; SOAP KZ:
– ZTBD~PD com.ibm.ws.scripting.port:
{WAS_HOME}/properties/wsadmin.properties
– ZTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ:
{WAS_HOME}/config/cells/<cell_name>/nodes/<node_name>/serverindex.xml
g{5;;y,k4TB=h|}KZE:
1. r* wsadmin.properties D~#
2. + com.ibm.ws.scripting.port D5|D*zZ serverindex.xml D~PR=D
5#
":g{IZ SOAP KZE;}7x9C20'\,k|}KZ8("XBKP
{ITIM_HOME}/bin/runConfig install |n#
v 20jI.s,g{ibwzKZ5k Tivoli Identity Manager h*D5;,,Tivoli
Identity Manager G<xL+'\#
Tivoli Identity Manager *sibwzKZ5* 80 M 9443#g{2+(EQtC,
+9CKZ 9443#
ZFczO20 WebSphere ~qwD5}+8( Tivoli Identity Manager $F9C
DibwzKZED}75#
+G,Z,;FczO20 WebSphere ~qwDZ~v5}(ng xg?p\m
w)+T/98(x xg?p\mwDKZEvS 1#}g,ibwzKZES 80
vS= 81,S 9443 vS= 9444#zXk+KZEXBdC* Tivoli Identity Manager
*sD}V#
*|}ibwzKZE,kCJ WebSphere \mXF("4PTB=h:
1. %w73 –> ibwz –> 1!wz –> wzp{#
2. +ibwzKZ5|D* 80 M 9443#
3. (}!qkZc,=|D,+CdC#f=wb#
4. %w|B Web ~qwe~"%w7(#
5. XBt/:/#
%;~qw20DE"$wm
Z*<20.0kU/TBE":
}]bE"
*X5}]b\m53U/TBE":
\m1j6 ______________________________
20}]b14(D\m1C'j6(db2InstanceName w*}]b5}yP
_)#}g,TBG IBM DB2 D1!5:
v UNIX:db2inst1
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 33
v Windows:db2admin
PX|`E",kNDZ 11 3D:IBM DB2 dC;#
\m1\k ______________________________
\m1C'j6D\k#
}]b{F ______________________________
8( Tivoli Identity Manager ~qw,S=}]bD==#g{G>X20}
]b,r0}]b{F1GC}]bD{F#}g,0}]b{F1D5G
itimdb#g{G6L20}]b,r0}]b{F1G6L}]bD>Xp
{#PX9C catalog |n48(6L}]bD|`E",kNDZ 14 3D
:dC IBM DB2 JDBC }/Lr;#
}]b`M ______________________________
*zD539CD}]b`M#}g,}]bG IBM DB2#
}]b>$:
}]bC'
Tivoli Identity Manager ~qwCZG<=}]bDJ'#C'j6G
enrole#
":KC'j6;\|D#
C'\k
Tivoli Identity Manager ~qwCZG<=}]bDJ'\k#
IP X7 ______________________________
}]b~qwD IP X7#T IBM DB2 ;GXhD#xT Oracle M SQL
Server 2000 GXhD#
KZE ______________________________
}]b~qwDKZE#T IBM DB2 ;GXhD#xT Oracle M SQL Server
2000 GXhD#
mb,20}L9(fTB}]bXE"#}]bXE"7( Tivoli Identity Manager ~
qwITT}]br*D JDBC ,SD}?#XZ|`DE",kND Tivoli Identity
Manager Server Configuration Guide#
ky]z>cDhs@@TBw5:
u<]?
Tivoli Identity Manager ~qwITT}]br*D JDBC ,SDu<}?#
ns]?
ZNN;v1L,Tivoli Identity Manager ~qwITT}]br*D JDBC ,
SDns}?#
G<S1k}
xP,S.dD1d(Tk*%;)
34 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
?<~qwE"
kU/TBE":
wz{ ______________________________
?<~qwD+^(wz{#}g,identity1.mylab.mydomain.com#
Identity Manager DN ;C ______________________________
zZ0;C1VNPdkD5(ng dc=com)XkkzZdC LDAP 14(
Ds:(}g dc=com)`%d#PX|`E",kNDZ 23 3DZ 4 B, :?
<~qwdC;#
i/{F ______________________________
Z0zDi/{F1VNPdkD5+T>Zm` Tivoli Identity Manager <
NC'gfA;PyT>Di/<mO#K5;cGz+>HO}=D{F#
}g,i/{F* IBM +>#
":zITZKVNPdk%VZV{/(ASCII)V{r+VZV{/V
{#
1!i/L{F ______________________________
Z01!i/L{F1VNPdkD5+Z IBM Directory Server Z?CTz
mzDi/#K5;cGz+>{FDu4#}g,L{F* ibmcorp#
":Z01!i/L{F1VNP;\dk%VZV{/(ASCII)V{,n
gC"om>Dj6#
"Pf"x}? ______________________________
"Pf"xCZVI}]nTxPErri/#ky]z>cDhs@@1!
5(1)#
KZ ______________________________
?<~qw+l}DKZ,ng 389#
we DN ______________________________
we(P{FC'j6#}g,cn=root#
\k ______________________________
zZ20?<~qw14(Dwe(P{FC'j6D\k#
mb,20}L9(f Tivoli Identity Manager ~qwICJD LDAP ,SXDTB
w LDAP ,SXE"VN#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#
ky]z>cDhs@@TBw5:
nsXs!
ZNN1d LDAP ,SXDns,S}
nuDXs!
nu* LDAP ,SX4(D,SD}?
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 35
v?F}
1yP,SyZ9CDivB,?Nks,S1mS= LDAP ,SXD,SD
F}#
%;~qw20D WebSphere Application Server E"
%;~qwdCD WebSphere Application Server 20_PTBVN#PX|`E",
kNDZ 103 3D=< C, :<8 WebSphere 73;#
$w>wz{______________________________
Z%;~qw20}LPT>D+20 WebSphere Application Server Base D
omFczDP'wz{#g{ WebSphere Application Server Base Q20,
r;T>KVN#
":g{*9C/,wzdC-i(DHCP)7(FczD IP X7,r;*9
CFczD+^(wz{#kv9CL{F#
20?< ______________________________
WebSphere Application Server Base D20?<#}g,Solaris 1!?<G
/opt/WebSphere/AppServer# KVNPTBu~:
v g{ Tivoli Identity Manager 20Lr20 WebSphere Application Server
Base,rKVNGXhD#
v *K7O WebSphere Application Server Base GqQ-20#
Zc{ ______________________________
C'(eDZc{(#8(*k_PL( IP wzX7DomFczDwz{`
,#
KZ ______________________________
WebSphere Application Server +l}DKZ#1!5G 9090#zXk7#KK
ZIC#g{ WebSphere Application Server Base Q20,r;T>KVN#
~qw{F ______________________________g{H0Q-20K WebSphere Application Server,rKVNa>zdk
WebSphere Application Server {F#bGZ%;~qw20}LPz?p Tivoli
Identity Manager D?j WebSphere Application Server#
2+ThC
TBVNT>Z053dC2+T1!n(O#
S\(4!r)
T Tivoli Identity Manager tTD~PD}]b"LDAP M WebSphere
Application Server \m1C'j6D\kxPS\#
&CLr~qwC'\m
9z\hCk7OTBC'D\k:
53C'
WebSphere Application Server C'j6M\k#v1r*
WebSphere +V2+T1GXhD#gZ 111 3D:WebSphere
D2+T;PyvDV/=h,KC'j6_P;vng
wasadmin D5#
36 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
EJB C'
zXkZt/20.0Q(eDC'M\k#v1r*
WebSphere +V2+T1GXhD#gZ 111 3D:WebSphere
D2+T;PyvDV/=h,KC'j6_Png itimadmin
D5#
":g{KVNvV1Q$HmCKZ],rKVNI\|,
5 wasadmin#+CVND5|D*5 itimadmin#
IBM HTTP Server E"
kU/TBE":
20?< ______________________________
KVNZ%;~qw20}LPT>#KVNv1 WebSphere Application Server
k IBM HTTP Server y;201T>#bG IBM HTTP Server D20?<#
Tivoli Identity Manager E"
k"b Tivoli Identity Manager DTBE":
S\\?
\?I\GNNVrLo#\?CZS\ Tivoli Identity Manager \kMd|
tPD>#C5w* enrole.encryption.password f"Z enRole.properties
D~P#
U>G<6p
T>ZzY53ms1U>Dj8LH#(}Z0U>G<6p1VNPhC
INFO k FATAL .dD}V,53\m1\;!qU>D~Dj8LH#U
>G<6p=_,53DT\=C,r*4kU>D~DE"+=Y#
J~~qw{F
'V SMTP J~~qw#SMTP wzGJ~xX#
C'j6 ____itim manager________
Tivoli Identity Manager C'j6#20sD1!5G itim manager#G< Tivoli
Identity Manager 1k9CKC'j6#
\k ____secret______________
8(* itim manager D Tivoli Identity Manager \m1C'j6D\k#Z
20s"LvVD1!\kG secret#
":G< Tivoli Identity Manager ~qw1,53a?Fz|D\m1J'\
k#
20 Tivoli Identity Manager ~qw
TBwL<hvZ%;~qwdCP20 Tivoli Identity Manager ~qw}LPB~D
y>3r:
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 37
*Z%;~qwdCP20 Tivoli Identity Manager ~qw,kjITB=h:
1. Z 39 3D:/@nuD06-10ZM0mI10Z;
< 5. %;~qw20wL<(UNIX)
38 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
2. Z 40 3D:!q20`MM20?<;
3. Z 41 3D:!q}]b;
4. Z 41 3D:jI%;~qw200Z;
5. Z 43 3D:8( WebSphere +V2+T;
6. Z 45 3D:8(S\\?"DA200**;
7. Z 46 3D:20x9Md|dCn/;
8. Z 56 3D:%;~qw20DU>M?<;
9. Z 56 3D:jI2+TdC;
10. Z 57 3D:bT Tivoli Identity Manager ~qwD(E;
/@nuD06-10ZM0mI10Z53Z20}L*<.0avV;5P6-MmI0Z#*/@b)u<0Z,k4
PTB=h:
1. G<=+*20 Tivoli Identity Manager ~qwDFcz#
":
1. zXk9C_P53\mX(DJ'G<(root)#
2. g{}]b* IBM DB2,k7#z.0Q-R= IBM DB2 E*D~#
2. Q Tivoli Identity Manager z7 CD ek= CD-ROM }/wP#**zD73R
=}7D CD,kNDZ 93 3D=< A, :bL;#
3. r*;v|na>{0Z"P;=zD CD-ROM }/wL{#TBG Tivoli Identity
Manager 20Lr:
v AIX:instAIX-WAS.bin
v Solaris:instSOL-WAS.bin
4. g{z;20 Tivoli Identity Manager,zIT1SS CD OKPC20Lr#
g{zH*20 Tivoli Identity Manager V*20 WebSphere Application Server
Base,r;\S CD OxP20#k4PTB=h:
a. + Tivoli Identity Manager 20Lr4F=zZ2LO4(D;vY1?<P#
b. SCY1?<KP Tivoli Identity Manager 20Lr20 Tivoli Identity Manager
M WebSphere Application Server Base#
K106-10Z+r*#
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 39
5. *|DvCZ20feODoT,k%w8>0"o1DrPDrB}7"!qm
;VoT#%w7(#
":C!n;a!q Tivoli Identity Manager &CLr.sKP19CDoT|#
K10mI$-i10Z+r*#
6. DAmI$-i"7(GqS\dun#g{S\,k%wS\#%wB;=#
!q20`MM20?<
K10!q20`M10Z+r*#
< 6. 06-10Z
40 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
k4PTB=h:
1. !q%;~qw!n,"%wB;=#
K10!q20?<10Z+r*#
2. S\1!20?< /itim45 r(}%w!q...4!qm;v?<#%wB;=#
!q}]bK1ar*0!q}]b`M10Z#
!qTBdP;V}]b`M"%wB;=:
v IBM DB2 (C}]b
g{ IBM DB2 G}]b,kZt/ Tivoli Identity Manager 20Lr.09CP
' db2InstanceHome ?<R= DB2 E*D~#PX|`E",kNDZ 14 3D:d
C IBM DB2 JDBC }/Lr;#
v Oracle#PX|`E",kNDZ 17 3D:Tivoli Identity Manager D Oracle 20M
dC;#
jI%;~qw200Zg{%;~qw20}LP4lb= WebSphere Application Server M IBM HTTP
Server,r+"zTB3r=h:
":g{20}Llb=VfD&CLr,b)=hD3r+Dd#
1. K1+vV;vksdk WebSphere Application Server M IBM HTTP Server y
9CD20?<D0Z#
< 7. 0!q20`M10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 41
S\1!?<,r_dkzF.C420 WebSphere Application Server M IBM
HTTP Server D8C?<# %wB;=#
":g{lb=.0fZ}7f>D WebSphere Application Server,r+vV;v
m;0Z#g{lb=.0fZ}7f>D IBM HTTP Server,dVN;T>
ZC0ZP#
2. .s+vV;v0Z,a>dk$w>wz{"Zc{T0 WebSphere Application
Server l}DKZ#
":g{Q20 WebSphere Application Server,+vV;va>zdk WebSphere
Zc{M WebSphere Application Server {FD0Z#g{9C DHCP 7(F
czD IP X7,rk;*9CCFczD+^(wz{#kv9CL{F#}
g,identity1 GL{F,x identity1.tivlab.raleigh.ibm.com G+^({#
< 8. 0*20 WebSphere Application Server dkTB}]10Z
42 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
S\1!5rJ1^Db)5#%wB;=#
3. g{ Tivoli Identity Manager 20K WebSphere Application Server,ravVhv
WebSphere Application Server h*DX8m~Dd|0Z#k"bb)*s#%w
7(#
":g{bGZ Solaris D20,k7# Tivoli Identity Manager h*Dd|53Z
K5Q}7hC#*qCZK5DPm,kNDZ 99 3D=< B, :kT UNIX
Dm~M2~*s;#
8( WebSphere +V2+T
53+r*0WebSphere 2+T10Z#
":v1Q20 WebSphere Application Server 1ET>0WebSphere 2+T10ZM
>$0Z#
< 9. 020 WebSphere Application Server Base D}]10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 43
g{0WebSphere +V2+T1Qr*,k%wtC WebSphere 2+T#
K1+vVm;v0Z,*sz8( WebSphere Application Server C'j6M\k#
bGZ 111 3D:WebSphere D2+T;PDV/=hyhvD wasadmin C'j6#
ka)C'j6M\k"%wB;=#
< 10. 0WebSphere 2+T10Z
< 11. 0WebSphere \m1>$10Z
44 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
8(S\\?"DA200**
08(S\\?10Zr*s+vV20**0Z#
1. ka);vS\\?,|I*NNVrLo#\?CZS\ Tivoli Identity Manager
\kMd|tPD>#C5w* enrole.encryption.password f"Z
enRole.properties D~P#%wB;=#
K1+r*0200**10Z,dPPv*20Di~"yhDICELUdT
020?<,ng /itim45#
2. ZLx0k7#yhELUdIC,"%w20#
g{ Tivoli Identity Manager 20K WebSphere Application Server,rZ;N1d
dts+T>;v0Z,ksdk|, WebSphere Application Server 20~xFD
~D?<#
3. 8(20D~D;C"%wB;=:
v AIX:mount_point/aix
v Solaris:mount_point/sun
Z20*s9CD1ddtP+r*;5PD20x90Z#ZyhJ4*snM
DFczO,1ddtDwCa\Tx#
< 12. 08(S\\?10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 45
20x9Md|dCn/
20}LZ;N1dZ20 Tivoli Identity Manager ~qw#20.s,aT/r*d
|0Z:
1. :Tivoli Identity Manager }]bDu<dC;
2. Z 47 3D:Tivoli Identity Manager ?<Du<dC;
3. Z 48 3D:Tivoli Identity Manager Du<dC;
Tivoli Identity Manager }]bDu<dC
53ar*;v}]bdC0Z,zIxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
KdCn/+dCtTD~"Z Tivoli Identity Manager }]bP("m#
k4PTB=h:
1. 1 Tivoli Identity Manager0}]bdC10Zr*1,kdkOJD5#
< 13. 20x90Z
46 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":g{z*9C Oracle w*zD}]b,rXkZLx4P IBM Tivoli Identity
Manager0}]bdC10Z.0,+ Oracle JDBC }/Lr4F=
<ITIM_HOME>/lib ? < T 0 W e b S p h e r e A p p l i c a t i o n S e r v e r D
{WAS_HOME}/installedApps/enrole.ear ?<P#zIZZ 93 3D=< A, :b
L;PyvD9d CD OR= Oracle JDBC }/LrD1>(Z{*
classes12.zip DD~P)#
2. * Tivoli Identity Manager 9CD}]bjI}]bdCVN#g{}]bG IBM
DB2,r0IP X71M0KZE1VNGRtD#Td|}]bb)VNGXhD#
}g,0}]b{F1r0p{1ITGng itimdb Du?#0\m1j61VN
D5GTB5PD;v:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 12 3D:dC IBM DB2 ~qw;#
3. %wbT#1}]bbTI&1,0}]bdC10ZPD0C'j61M0C'
\k1VN+d*n/4,#
4. *b)VNdkOJD5,"%wLx#
Tivoli Identity Manager ?<Du<dC
53+r*;v?<~qwdC0Z,zITxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
< 14. 0}]bdC10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 47
kdkOJD5xP?<~qwDu<dC,Tc6p Tivoli Identity Manager#
k4PTB=h:
1. Zwv LDAP ~qwE"VNPdk5#}g,0wz{1VND5GKP?<~
qwDFczD+^(wz{#
2. %wbT#1,S?<~qwDbTI&1,Identity Manager ?<E"?VDVN
+d*n/4,#
3. (}8( Tivoli Identity Manager Ds:,0Identity Manager DN ;C1D5G
dc=my_suffix#PX|`E",kNDZ 24 3D:* Tivoli Identity Manager 8(
s:;#4ivjIb)VN"%wLx#
Tivoli Identity Manager Du<dC
TZyP20`M,k9C Tivoli Identity Manager ~qwa)D053dC10Z|
D}]b~qw"?<~qwMd|~qD5:
1. 0#f1!n(G;5PCZdC Tivoli Identity Manager ~qwD053dC1
!n(PDZ;v#
< 15. 0?<dC10Z
48 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
0#f1!n(PDVN5+;$nd#PXb)VND|`E",kND Tivoli
Identity Manager Server Configuration Guide PD53dCE"#
2. %w0?<1!n(#
K1+r*0?<1!n(0Z#
< 16. 0#f1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 49
X*1,k^D?<~qwDE"#g{K20GZ:/I1OxPD,rKE
"Xkk.0* xg?p\mw8(D LDAP E"`%d#
3. %w}]b!n(#
K1+r*0}]b1!n(0Z#
< 17. 0?<1!n(0Z
50 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
4. k* Tivoli Identity Manager }]ba)0}]b{F1,SE"#}g,0}]
b{F1D5I* itimdb#1!C'j6* enrole#g{C20Z:/I1Ox
PD,KE"Xkk.0* xg?p\mw8(D}]bE"`%d#
5. %wU>G<#K1+r*0U>G<1!n(0Z#
< 18. 0}]b1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 51
6. r_S\1!5 WARN,r_vZ>cT\D<G|Db)5Dj8LH#
7. %wJ~!n(#
K10J~1!n(0Z+r*#
< 19. 0U>G<1!n(0Z
52 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
8. Z0J~1!n(PdkXh5"%w7(#PXb)VND|`E",kND
Tivoli Identity Manager Server Configuration Guide#
":
1. Identity Manager ~qw URL VND5Gzm~qwD URL(}g,CZG
<= Tivoli Identity Manager D IBM HTTP Server)#
2. +0J~4T1X7|D*z>cD Tivoli Identity Manager 53\m1Dg
SJ~X7#zXk|DKX7,qrarPvDgSJ~X7"M,xJ
~#
9. %w UI#
K1+r* UI !n(0Z#
< 20. 0J~1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 53
10. r_S\ UI !n(OD1!5,r_^DUjMX7E"T8(zDi/D(F
06-1T>==M Web X7#0Pm3s!18(ZyPC'gfPT>ZP
mPDnD}?#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#%w7(#
11. %w2+T#
K102+T1!n(0Zr*#
< 21. UI !n(0Z
54 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
g{0WebSphere +V2+T1Qr*,xRQdk\m1C'j6M\k,rb
)VNa;$nd#g{0WebSphere +V2+T14r*,b)VN+*UW#
":
1. 0EJB C'1M0\k1VNDu<5G053C'1M0\k1VND5#z
I\h*^D0EJB C'1M0\k1VN#EJB C'j6D$HXkYZ 12
vV{#
2. g{zZK53dC02+T10ZP|DK EJB C'j6r EJB \kD5,
rZ20 Tivoli Identity Manager .sh*4PV/=h+2+TG+3d=
ITIM C',Sxt/ Tivoli Identity Manager#PX|`E",kNDZ 111
3D=< D, :2+T<G;#
12. %w7(TjI53dC#
13. mb,k7#d|52JZKP Tivoli Identity Manager M`X&CLr9CDd
C#
< 22. 02+T1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 55
%;~qw20DU>M?<
53dCjI1,k"bTBU>;C:
m 2. 20U>D~{FM?<
D~{ ?<
dbConfig.stdoutldapConfig.stdoutitim45_installer_debug.txtrunConfig.stdout(kT:/20)runConfigTmp.stdout(Z%;~qwMxg?p\mwO)
{ITIM_HOME}/install_logs
itim45_install.stdoutitim45_install.stderr
53 root
Tivoli_Identity_Manager_InstallLog.log g { 2 0 I & j I , r ? < *
{ITIM_HOME}#g{20'\,U>D~
+Z53 root P#
log.txtihs_log.txtmq_install.logserver1/SystemOut.logitim.log
v AIX:/usr/${WAS_HOME}/logs/
v Solaris:/opt/${WAS_HOME}/logs/
g{ Tivoli Identity Manager 20}L20K WebSphere Application Server,r+f
ZTB?<:
m 3. d|&CLr?<
&CLr ?<
WebSphere 6k={"+]'V v AIX:/usr/mqm M /var/mqm
v Solaris:/opt/mqm M /var/mqm
PX WebSphere Application Server U>D~D|`E",kND WebSphere Application
Server D5#
jI2+TdC
g{zrctC J2EE 2+T,kjITB=h:
v 20 Tivoli Identity Manager .s,kjITBV/=hTjI3d"XBt/ J2EE
2+T#PX|`E",kNDZ 112 3D:20 Tivoli Identity Manager .s%Z
c?pDV/=h;#
v k7# was.policy D~fZ#PX|`E",kNDZ 112 3D:dC was.policy
D~;#
Z20 Tivoli Identity Manager .s9C runConfig20 Tivoli Identity Manager .s,k9C runConfig |n*ngTBwVn/jI
53dC:
v |D enrole C'D\k#
56 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
v 8(\kS\"|B Tivoli Identity Manager EJB C'j6M\k#PX|`E",
kNDZ 48 3D:Tivoli Identity Manager Du<dC;PXZ053dC10ZP
D!n(Dhv#
PX9C runConfig |nD|`E",kND Tivoli Identity Manager Server
Configuration Guide#
P!qX20oT|
g{1!oT;G"o,kZ20 Tivoli Identity Manager sP!qXq!k20 Tivoli
Identity Manager ~qwDoT| CD#9C|nP==420oT|#}g,dkTB
Z]:
java –jar itimlp_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20Lr
feOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java Runtime
Environment 1.3.1#
bT Tivoli Identity Manager ~qwD(E
*bT}]b"?<~qwM Tivoli Identity Manager ~qwGqQ}7dC"%`(
E,kjITB=h:
1. bT JDBC }/LrT7#|}ZKP:
a. Z*<.0,k7#}]b~qwM WebSphere Application Server }ZKP#
PXt/ WebSphere Application Server D|`E",kNDI WebSphere
Application Server a)DD5#
b. CJ WebSphere Application Server \mXF(#
c. %wJ4 –> JDBC a)Lr#!q?jZc#
d. !q~qww*6',;s!q;v?j~qww* server1,Y%w&C#
e. v/= JDBC a)LrPm"+w ITIM JDBC a)Lr#
f. v/T>DT0rTi40d|tT1#%w}]4#
g. ZT>D0}]41T0rP,%wbT,S#K1+vV;u8>bTa{
D{"#
g{bT'\,k7#zQ}7R= IBM DB2 E*D~#g{z}Z9C IBM
DB2 V7.1 r V7.2,"RCz7xPyhD^)|,k7#Zt/ WebSphere
Application Server .0Z shell PKPK usejdbc2 shell E>#YNbT,S#
g{,S;pwC,ki$ enrole C'j6M\kyQ}7dC#g{ IBM
DB2 }]bG6LD,k7#T}]b~qwMM'z&CK,; IBM DB2 ^
)|6p#
":Fix Pack 3 +Q IBM DB2 V7.1 73(F= IBM DB2 V7.2 ;cICT
6p#PX|`E",kNDZ 99 3D=< B, :kT UNIX Dm~M2
~*s;#
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 57
2. %;~qw20}L+T/t/ Tivoli Identity Manager ~qw#g{~qw4Z
KP,kt/ Tivoli Identity Manager ~qwMyPX8&CLr#g{ IBM DB2
Q9C,k7#zZt/ WebSphere Application Server .0QR= IBM DB2 E
*D~#
kdkTB|n:
{WAS_HOME}/bin/startServer.sh servername
}g:
{WAS_HOME}/bin/startServer.sh server1
3. G<= Tivoli Identity Manager#}g,Z/@w0ZdkTBZ]:
http://hostname/enrole
dP hostname G}ZKP Tivoli Identity Manager ~qwDFczD+^({r IP
X7#
":
1. k;*Z,;M'zFczOt/=v@"D/@wa0#b=va0+;S
w;va0j6,Sxzz}]Jb#
2. g{z9C%cG<&\G<"h*!q;VoT,kZ Web >cX7s7S
/language#}g,dk:
https://mysite.myco.com/itim/enrole/language
PX*zD Web /@wdC1!oTD|`E",kND Tivoli Identity Manager
Server Configuration Guide#
4. dk Tivoli Identity Manager \m1C'j6(itim manager)M\k(Z20.s
"4vV,5*0secret1)#
5. 4PX*D=h4(C'(ITIM C')#PX|`E",kND*zozr Tivoli
Identity Manager Policy and Organization Administration Guide#
PX&CKPD}LD|`E",kND Tivoli Identity Manager Server Configuration
Guide#
~qwkzmLrD(E
9Cx Tivoli Identity Manager zmLrD Tivoli Identity Manager 53h*9Czz
$iT7# Tivoli Identity Manager ~qwMzmLr.dD(E2+#
k Tivoli Identity Manager zmLrD$iT&DO$PDXkZ {ITIM_HOME}/cert
?<P#PX\'VD$i`M,kND Tivoli Identity Manager Server Configuration
Guide T0X(zmLrD208O,TKb|`E"#
":
1. k;N20;vzmLrE*D~,"Z20m;vzmLrE*D~.0jI0
;vE*D~D20#,120`vE*D~I\<B Tivoli Identity Manager ~
qw?FXB}<#
2. g{1!oT;G"o,Z20Z;v Tivoli Identity Manager zmLr0kP!
qXqCk20 Tivoli Identity Manager zmLroT| CD#Z Tivoli Identity
Manager ~qwO9C|nP==420zmLroT|:
58 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
java –jar itimlp_agents_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20
LrfeOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java
Runtime Environment 1.3.1#
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 59
60 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z 6 B :/20:Tivoli Identity Manager ~qw
>BhvgNZ:/r&\:/dCP20MdC Tivoli Identity Manager ~qw#Z
Lx.0,kNDZ 9 3D:9C Tivoli Identity Manager 1D WebSphere 73^
F;#
":
1. Z:/73P,Tivoli Identity Manager 20}L";T/20 WebSphere Application
Server#Z:/O20 Tivoli Identity Manager .0,k20"dC WebSphere i
~#
2. Z:/O20 Tivoli Identity Manager Xk43rjI,;N;(Fcz#
3. PXyhD&CLrf>M^)|DE",kNDZ 99 3D=< B, :kT UNIX
Dm~M2~*s;#
20Nq|,TB=h:
v :*<0;
v Z 67 3D:20 Tivoli Identity Manager ~qw;
*<0
Zz*<.0,k4PTB=h:
v g{ IBM DB2 G}]b,k9CP' db2InstanceHome ?<R= DB2 E*D~#
PX|`E",kNDZ 14 3D:dC IBM DB2 JDBC }/Lr;#
v k7(z>cP$HfZD WebSphere Application Server dCGqGZ 9 3D:9
C Tivoli Identity Manager 1D WebSphere 73^F;PyPDdC.;#
v gZ 63 3D:9C xg?p\mw4(:/;MZ 105 3D:dC Tivoli Identity
Manager :/;Pyv,kjIb)=hT9l;v WebSphere Application Server
%*T0;vr`v:/#
v k7#TBwn}ZKP:
m 4. XkZKPD&CLr
X8m~ PX|`E",kND:
}]b Z 11 3DZ 3 B, :}]bdC;
?<~qw Z 23 3DZ 4 B, :?<~qwdC;
xg?p\mw Z 109 3D:7# xg?p\mwMZczmLrZ
KP;WebSphere Application Server Zczm
Lr
WebSphere Application Server JMS ~q
w
bG WebSphere 6k={"+]'V
":g{H0fZ WebSphere MQ V5.3,kNDZ 104
3D:9CVPD WebSphere MQ V5.3;#
v k7#zcICELUdMibZf?D*s#PX|`E",kNDZ 99 3D=
< B, :kT UNIX Dm~M2~*s;#
© Copyright IBM Corp. 2003 61
v k7#z5P}7D\m(^(root)#g;P,kq!C(^"XBt/53T$
n}7D(^#
v k7#zQbvyPKZJb#PX|`E",kND:bvKZJb;#
v Z*20 Tivoli Identity Manager DFcz,hCT&ZzDoT73D5T7#\
6poTq=#
":ZUoP,7#'V`k=( Shift-JIS#g{b)54;hC,r+^(i4m
I$E"#k*oT73d?hCTB5:
– Solaris:LC_ALL=ja_JP.PKC
– AIX:LC_ALL=Ja_JP
v 7# WebSphere Application Server Fix Pack 2 2&CZQ20 Web ~qwDFc
z#Z20^)|0#9 Web ~qw#
":ZdCPI\PtI WebSphere Web e~,|(xP WebSphere Application
Server xg?pDFczOD WebSphere Web ~qwe~#
v jIdCDE"$wm#
bvKZJb
53I\"zTBKZJb:
v Z20 Tivoli Identity Manager .0,k7#QZTB;C* WebSphere 5.0 (e
K,; SOAP KZ:
– ZTBD~PD com.ibm.ws.scripting.port:
{WAS_NDM_HOME}/properties/wsadmin.properties
– ZTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ:
{WAS_NDM_HOME}/config/cells/<cell_name>/nodes/<node_name>/serverindex.xml
g{5;;y,k4TB=h|}KZE:
1. r* wsadmin.properties D~#
2. + com.ibm.ws.scripting.port D5|D*zZ serverindex.xml D~PR=D
5#
":
1. g{IZ SOAP KZE;}79C20'\,k|}KZ8("XBKP
runConfig |n#
2. g{ WebSphere Application Server xg?pM WebSphere Application Server <
20Z,;53P,k9C serverindex.xml D~P&CZ WebSphere Application
Server xg?p\mwDKZE#
v 20jI.s,g{ibwzKZ5k Tivoli Identity Manager h*D5;,,Tivoli
Identity Manager G<xL+'\#
Tivoli Identity Manager *sibwzKZ5* 80 M 9443#g{2+(EQtC,
+9CKZ 9443#
ZFczO20 WebSphere ~qwD5}+8( Tivoli Identity Manager $F9C
DibwzKZED}75#
62 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
+G,Z,;FczO20 WebSphere ~qwDZ~v5}(ng xg?p\m
w)+T/98(x xg?p\mwDKZEvS 1#}g,ibwzKZES 80
vS= 81,S 9443 vS= 9444#zXk+KZEXBdC* Tivoli Identity Manager
*sD}V#
*|}ibwzKZE,kCJ WebSphere \mXF("4PTB=h:
1. %w73 –> ibwz –> 1!wz –> wzp{#
2. +ibwzKZ5|D* 80 M 9443#
3. (}!qkZc,=|D,+CdC#f=wb#
4. %w|B Web ~qwe~"%w7(#
5. XBt/:/#
9C xg?p\mw4(:/
":PX8( WebSphere %*D|`E",kNDZ 105 3D:dC Tivoli Identity
Manager :/;#
*4(:/"C:/I1nd|,kZ*<20 Tivoli Identity Manager .09C
WebSphere \mXF(4PTB=h:
1. G<= xg?p\mw\mXF(#
2. Zs0qP,%w~qw –> :/#
3. %wB(#
K1+vV04(B:/1T0r#
4. dkB:/D{F#}g,dk ITIM_CLUSTER#
":
1. g{z*4(x`v:/D&\:/,kX4K}L"*a) Tivoli Identity
Manager C'gfcD;v:/8(:/{F,ng ITIM_UI_CLUSTER,,1*
a) Tivoli Identity Manager $wwcDm;v:/8( ITIM_WF_CLUSTER#
2. :/{FxVs!4#
":
5. %wB;=#
K1+vV04(B:/~qw1T0r#
6. YhzP}v:/I1*8(,kdk;vB:/I1D{F"!qdZc"%
w&C#
Z04(B:/~qw1T0rW?+vV:/I1Pm#kliCPm,T7
#B:/I1QmS#
7. (}dk?vB:/I1D{F"!qdZcmSd|:/I1#jImSyP
I1s,%wB;=#
K1+T>0**1T0r,dPP:/I1Pm#kliC**T7#:/I
1{FM~qw{Fy}7#
8. %wjI#
9. %w:/XK,9*z4(D:/Dw"lidI1#
Z 6 B :/20:Tivoli Identity Manager ~qw 63
10. g{C:/Q}78(,k%w:/,;s%w#f,Tc+B:/#f= xg?
p\mwwbP#PX:/P9CDbD|`E",kND WebSphere Application
Server D Redbooks ya)DE"#PX|`E",kNDZ vi 3D:X8m~z
7vfo;#
":#fdC1,!qkZc,=|D#
11. |B Web ~qwe~#*K,k%w73 –> |B Web ~qwe~ –> 7(#
:/20DE"$wm
Z*<20.0kU/TBE":
}]bE"
*X5}]b\m53U/TBE":
\m1j6 ______________________________
20}]b14(D\m1C'j6(db2InstanceName w*}]b5}yP
_)#}g,TBG IBM DB2 D1!5:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 11 3D:IBM DB2 dC;#
\m1\k ______________________________
\m1C'j6D\k#
}]b{F ______________________________
8( Tivoli Identity Manager ~qw,S=}]bD==#g{G>X20}
]b,r0}]b{F1GC}]bD{F#}g,0}]b{F1D5G
itimdb#g{G6L20}]b,r0}]b{F1G6L}]bD>Xp
{#PX9C catalog |n48(6L}]bD|`E",kNDZ 14 3D
:dC IBM DB2 JDBC }/Lr;#
}]b`M ______________________________
*zD539CD}]b`M#}g,}]bG IBM DB2#
}]b>$:
}]bC'
Tivoli Identity Manager ~qwCZG<=}]bDJ'#C'j6G
enrole#
":KC'j6;\|D#
C'\k
Tivoli Identity Manager ~qwCZG<=}]bDJ'\k#
IP X7 ______________________________
}]b~qwD IP X7#T IBM DB2 ;GXhD#xT Oracle M SQL
Server 2000 GXhD#
64 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
KZE ______________________________
}]b~qwDKZE#T IBM DB2 ;GXhD#xT Oracle M SQL Server
2000 GXhD#
mb,20}L9(fTB}]bXE"#}]bXE"7( Tivoli Identity Manager ~
qwITT}]br*D JDBC ,SD}?#XZ|`DE",kND Tivoli Identity
Manager Server Configuration Guide#
ky]z>cDhs@@TBw5:
u<]?
Tivoli Identity Manager ~qwITT}]br*D JDBC ,SDu<}?#
ns]?
ZNN;v1L,Tivoli Identity Manager ~qwITT}]br*D JDBC ,
SDns}?#
G<S1k}
xP,S.dD1d(Tk*%;)
?<~qwE"
kU/TBE":
wz{ ______________________________
?<~qwD+^(wz{#}g,identity1.mylab.mydomain.com#
Identity Manager DN ;C ______________________________
zZ0;C1VNPdkD5(ng dc=com)XkkzZdC LDAP 14(
Ds:(}g dc=com)`%d#PX|`E",kNDZ 23 3DZ 4 B, :?
<~qwdC;#
i/{F ______________________________
Z0zDi/{F1VNPdkD5+T>Zm` Tivoli Identity Manager <
NC'gfA;PyT>Di/<mO#K5;cGz+>HO}=D{F#
}g,i/{F* IBM +>#
":zITZKVNPdk%VZV{/(ASCII)V{r+VZV{/V
{#
1!i/L{F ______________________________
Z01!i/L{F1VNPdkD5+Z IBM Directory Server Z?CTz
mzDi/#K5;cGz+>{FDu4#}g,L{F* ibmcorp#
":Z01!i/L{F1VNP;\dk%VZV{/(ASCII)V{,n
gC"om>Dj6#
"Pf"x}? ______________________________
"Pf"xCZVI}]nTxPErri/#ky]z>cDhs@@1!
5(1)#
KZ ______________________________
?<~qw+l}DKZ,ng 389#
Z 6 B :/20:Tivoli Identity Manager ~qw 65
we DN ______________________________
we(P{FC'j6#}g,cn=root#
\k ______________________________
zZ20?<~qw14(Dwe(P{FC'j6D\k#
mb,20}L9(f Tivoli Identity Manager ~qwICJD LDAP ,SXDTB
w LDAP ,SXE"VN#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#
ky]z>cDhs@@TBw5:
nsXs!
ZNN1d LDAP ,SXDns,S}
nuDXs!
nu* LDAP ,SX4(D,SD}?
v?F}
1yP,SyZ9CDivB,?Nks,S1mS= LDAP ,SXD,SD
F}#
:/20D WebSphere Application Server E"
:/dCD WebSphere Application Server 20_PTBVN#PX|`E",kND
Z 105 3D:dC Tivoli Identity Manager :/;#
:/{F ______________________________zT0Z9l WebSphere Application Server %*14(D:/{F#T%v:
/k9Cng ITIM_CLUSTER D;v{F#Z&\:/P,k9Cng
ITIM_UI_CLUSTER M ITIM_WF_CLUSTER D{F#Z%;~qw20}L
P;T>KVN#
":dkD:/{FMd| WebSphere j6GxVs!4D#
20?< ______________________________
WebSphere Application Server Base D20?<#}g,Solaris 1!?<G
/opt/WebSphere/AppServer#g{Q-20K WebSphere Application Server
Base,rKVNvw*E"a>#
U>G<6p
T>ZzY53ms1U>Dj8LH#(}Z0U>G<6p1VNPhC
INFO k FATAL .dD}V,53\m1\;!qU>D~Dj8LH#U
>G<6p=_,53DT\=C,r*4kU>D~DE"+=Y#
J~~qw{F
'V SMTP J~~qw#SMTP wzGJ~xX#
2+ThC
TBVNT>Z053dC2+T1!n(O#
S\(4!r)
T Tivoli Identity Manager tTD~PD}]b"LDAP M WebSphere
Application Server \m1C'j6D\kxPS\#
66 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
&CLr~qwC'\m
9z\hCk7OTBVND\k:
53C'
WebSphere Application Server C'j6M\k#v1r*
W e b S p h e r e +V2+T1GXhD#bGZ 1 1 1 3D
:WebSphere D2+T;PDV/=hyvD wasadmin C'
j6#
EJB C'
zXkZt/20.0Q(eDC'M\k#v1r*
W e b S p h e r e +V2+T1GXhD#bGZ 1 1 1 3D
:WebSphere D2+T;DV/=hyvD itimadmin C'j
6#
":g{KVNvV1Q$HmCKZ],rVNI\|,5
wasadmin#+KVND5|D* itimadmin#
Tivoli Identity Manager E"
k"b Tivoli Identity Manager DTBE":
S\\?
\?I\GNNVrLo#\?CZS\ Tivoli Identity Manager \kMd|
tPD>#C5w* enrole.encryption.password f"Z enRole.properties
D~P#
U>G<6p
T>ZzY53ms1U>Dj8LH#(}Z0U>G<6p1VNPhC
INFO k FATAL .dD}V,53\m1\;!qU>D~Dj8LH#U
>G<6p=_,53DT\=C,r*4kU>D~DE"+=Y#
J~~qw{F
'V SMTP J~~qw#SMTP wzGJ~xX#
C'j6 ____itim manager________
Tivoli Identity Manager C'j6#20sD1!5G itim manager#G< Tivoli
Identity Manager 1k9CKC'j6#
\k ____secret______________
8(* itim manager D Tivoli Identity Manager \m1C'j6D\k#Z
20s"LvVD1!\kG secret#
":G< Tivoli Identity Manager ~qw1,53a?Fz|D\m1J'\
k#
20 Tivoli Identity Manager ~qw
TBwL<hvKZ:/dCB20 Tivoli Identity Manager ~qw}LPB~Dy>
3r:
Z 6 B :/20:Tivoli Identity Manager ~qw 67
Z:/dCP20 Tivoli Identity Manager ~qw:
":*20 Tivoli Identity Manager ~qw,kkTzD73q!}7D CD#PX|
`E",kNDZ 93 3D=< A, :bL;#
1. Z0P xg?p\mwDFczO#ZK20}LP,+Z;NdC Tivoli Identity
Manager D}]bM?<~qw#
2. Z?(P;vr`v:/I1DFczO#
< 23. :/20wL<
68 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":k7#z.0QjIZ 61 3D:*<0;PD=h#
*20 Tivoli Identity Manager ~qw,kjITB=h:
1. :/@nuD06-10ZM0mI10Z;
2. Z 70 3D:!q20`MM1!20?<;
3. Z 71 3D:!q}]b;
4. Z 72 3D:jI:/20rP;
5. Z 75 3D:8( WebSphere +V2+T;
6. Z 77 3D:8(S\\?"DA200**;
7. Z 78 3D:20x9Md|dCn/;
8. Z 87 3D::/20DU>M?<;
9. Z 87 3D:jI2+TdC;
10. Z 89 3D:bT Tivoli Identity Manager ~qwD(E;
/@nuD06-10ZM0mI10Z53Z20}L*<.0avV;5P6-MmI0Z#*/@b)u<0Z,k4
PTB=h:
1. G<=+*20 Tivoli Identity Manager ~qwDFcz#
":
1. zXk9C_P53\mX(DJ'G<(root)#
2. g{}]b* IBM DB2,k7#z.0Q-R= IBM DB2 E*D~#
2. Q Tivoli Identity Manager z7 CD ek= CD-ROM }/wP#
3. r*;v|na>{0Z"P;=zD CD-ROM }/wL{#
4. KP Tivoli Identity Manager 20Lr:
v AIX:instAIX-WAS.bin
v Solaris:instSOL-WAS.bin
K106-10Z+r*#
Z 6 B :/20:Tivoli Identity Manager ~qw 69
5. *|DvCZ20feODoT,k%w8>0"o1DrPDrB}7"!qm
;VoT#%w7(#
":C!n;a!q Tivoli Identity Manager &CLr.sKP19CDoT|#
K10mI$-i10Z+r*#
6. DAmI$-i"7(GqS\dun#g{S\,k%wS\#%wB;=#
!q20`MM1!20?<
K10!q20`M10Z+r*#
< 24. 06-10Z
70 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
1. !q:/r&\:/,;s%wB;=#
":K1+vV;vsx0Z,9z\8(C&\:/Gq* UI cr WF cD;
?V#g{z!q0:/1w*20`M,r;T>C0Z#
K10X*E"10Z+r*#
2. ZLx0,ki$ WebSphere xg?p\mwMyP WebSphere ZczmLrI
KP#PX|`E",kNDZ 109 3D:7# xg?p\mwMZczmLrZ
KP;#%wB;=#
K10!q20?<10Z+r*#
3. S\1!D Tivoli Identity Manager 20?< /itim45 r(}%w!q..."jId
a>8(m;?<#%wB;=#
!q}]bK1ar*0!q}]b`M10Z#
!qTBdP;V}]b`M"%wB;=:
v IBM DB2 (C}]b
g{ IBM DB2 G}]b,kZt/ Tivoli Identity Manager 20Lr.09CP
' db2InstanceHome ?<R= DB2 E*D~#PX|`E",kNDZ 14 3D:d
C IBM DB2 JDBC }/Lr;#
v Oracle#PX|`E",kNDZ 17 3D:Tivoli Identity Manager D Oracle 20M
dC;#
< 25. 0!q20`M10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 71
jI:/20rP
K10!q:/Zc`M10Z+r*#
1. !q;VZc`M#zXkHZ0P xg?p\mwDFczO20 Tivoli Identity
Manager,;sZ:/I1O20 Tivoli Identity Manager#
":z2ITZ,;FczOH20 xg?p\mwV20:/I1#k7#KF
czPyhDZf]?"YHMzcnb0kDICUd#
K10!q&\:/I110Z+r*#
":g{z.0Q+20`M8(*&\:/,r+vVTB0Z#g{z.0!
q:/w*20`M,r;T>C0Z#
< 26. 0!q:/Zc`M10Z
72 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
2. TZ&\:/,!qCFczG UI :/I19G$ww:/I1#%wB;=#
":kp+ UI :/I1M$ww:/I1,1Vdx,;Fcz#
K1+vV;vksdk;vr`v:/{FD0Z#
3. TZ%(#f):/,kdk;v:/{F,ng itim_cluster#
< 27. 0!q&\:/I110Z
Z 6 B :/20:Tivoli Identity Manager ~qw 73
g{20`M*&\:/,C0Zks`v:/{F#
4. dkzT0Z xg?p\mwP(eD;vr`v:/{F#%wB;=#
g{K20}LkT3v:/I1,r+T>0dk LDAP ?<E"10Z#
< 28. 0WebSphere Application Server }]10Z(:/{F)
< 29. 0WebSphere Application Server }]10Z(&\:/20)
74 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":g{ Tivoli Identity Manager 20G* xg?p\mw8(D,r+;T>C
0Z#
5. y]z.0{mDE"$wm,Z0LDAP ?<E"10ZDwVNPdki/}
]#
TZ?v:/I1,KE"Xkk.0Z xg?p\mwO20w Tivoli Identity
Manager }LP8(D LDAP E"`%d#?v:/I1DE"&j+;B#PX
|`E",kNDZ 65 3D:?<~qwE";#%wB;=#
8( WebSphere +V2+T
53+r*0WebSphere 2+T10Z#
< 30. 0LDAP ?<E"10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 75
g{0WebSphere +V2+T1Qr*,k%wtC WebSphere 2+T#
K1+vVm;v0Z,*sz8( WebSphere Application Server C'j6M\k#
bGZ 111 3D:WebSphere D2+T;PDV/=hyhvD wasadmin C'j6#
ka)C'j6M\k"%wB;=#
< 31. 0WebSphere 2+T10Z
< 32. 0WebSphere \m1>$10Z
76 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
8(S\\?"DA200**
08(S\\?10Zr*s+vV20**0Z#
1. ka);vS\\?,|I*NNVrLo#\?CZS\ Tivoli Identity Manager
\kMd|tPD>#C5w* enrole.encryption.password f"Z
enRole.properties D~P#%wB;=#
K1+r*0200**10Z,dPPv*20Di~"yhDICELUdT
020?<,ng /itim45#
2. ZLx0k7#yhELUdIC,"%w20#
Z20*s9CD1ddtP+r*;5PD20x90Z#ZyhJ4*snM
DFczO,1ddtDwCa\Tx#
< 33. 08(S\\?10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 77
20x9Md|dCn/
20}LZ;N1ddtZ20 Tivoli Identity Manager ~qw#20.s,aT/r
*d|0Z:
1. ;PZ0P WebSphere xg?p\mwDFczOD20}LP,TB0ZET>:
a. }]bdC#PX|`E",kND:Tivoli Identity Manager }]bDu<d
C;#
b. ?<~qw#PX|`E",kNDZ 79 3D:Tivoli Identity Manager ?<D
u<dC;#
2. Z0P WebSphere xg?p\mwDFczr_P:/I1DFczOD20}L
P,+r*;vIdC Tivoli Identity Manager D53dC0Z#PX|`E",
kNDZ 80 3D:Tivoli Identity Manager Du<dC;#
Tivoli Identity Manager }]bDu<dC
53ar*;v}]bdC0Z,zIxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
KdCn/+dCtTD~"Z Tivoli Identity Manager }]bP("m#
k4PTB=h:
1. 1 Tivoli Identity Manager0}]bdC10Zr*1,kdkOJD5#
< 34. 20x90Z
78 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":g{z*9C Oracle w*zD}]b,rXkZLx4P IBM Tivoli Identity
Manager0}]bdC10Z.0,+ Oracle JDBC }/Lr4F=
<ITIM_HOME>/lib ? < T 0 W e b S p h e r e A p p l i c a t i o n S e r v e r D
{WAS_HOME}/installedApps/enrole.ear ?<P#zIZZ 93 3D=< A, :b
L;PyvD9d CD OR= Oracle JDBC }/LrD1>(Z{*
classes12.zip DD~P)#
2. * Tivoli Identity Manager 9CD}]bjI}]bdCVN#g{}]bG IBM
DB2,r0IP X71M0KZE1VNGRtD#Td|}]bb)VNGXhD#
}g,0}]b{F1r0p{1ITGng itimdb Du?#0\m1j61VN
D5GTB5PD;v:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 12 3D:dC IBM DB2 ~qw;#
3. %wbT#1}]bbTI&1,0}]bdC10ZPD0C'j61M0C'
\k1VN+d*n/4,#
4. *b)VNdkOJD5,"%wLx#
Tivoli Identity Manager ?<Du<dC
53+r*;v?<~qwdC0Z,zITxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
< 35. 0}]bdC10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 79
kdkOJD5xP?<~qwDu<dC,Tc6p Tivoli Identity Manager#
k4PTB=h:
1. Zwv LDAP ~qwE"VNPdk5#}g,0wz{1VND5GKP?<~
qwDFczD+^(wz{#
2. %wbT#1,S?<~qwDbTI&1,Identity Manager ?<E"?VDVN
+d*n/4,#
3. (}8( Tivoli Identity Manager Ds:,0Identity Manager DN ;C1D5G
dc=my_suffix#PX|`E",kNDZ 24 3D:* Tivoli Identity Manager 8(
s:;#4ivjIb)VN"%wLx#
Tivoli Identity Manager Du<dC
TZyP20`M,k9C Tivoli Identity Manager ~qwa)D053dC10ZO
D!n(4|D}]b~qw"?<~qwMd|~qD5:
1. 0#f1!n(G;5PCZdC Tivoli Identity Manager ~qwD053dC1
!n(PDZ;v#
< 36. 0?<dC10Z
80 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
0#f1!n(PDVN5+;$nd#PXb)VND|`E",kND Tivoli
Identity Manager Server Configuration Guide PD53dCE"#
2. %w0?<1!n(#
K1+r*0?<1!n(0Z#
< 37. 0#f1!n(0Z
Z 6 B :/20:Tivoli Identity Manager ~qw 81
X*1,k^D?<~qwDE"#g{K20GZ:/I1OxPD,rKE
"Xkk.0* xg?p\mw8(D LDAP E"`%d#
g{K20GZ:/I1OxPD,rza4=bT4%#%wbT#z&Ca
4=;vm>,SI&DX&0Z#%w7(XUC0Z#
3. %w}]b!n(#
K1+r*0}]b1!n(0Z#
< 38. 0?<1!n(0Z
82 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
4. k* Tivoli Identity Manager }]ba)0}]b{F1,SE"#}g,0}]
b{F1D5I* itimdb#1!C'j6* enrole#g{C20Z:/I1Ox
PD,KE"Xkk.0* xg?p\mw8(D}]bE"`%d#
g{K20GZ:/I1OxPD,rza4=bT4%#%wbT#bTI&
D0+$n0}]bXE"1?VPD#`VN#%w7(XUC0Z#
5. %wU>G<#K1+r*0U>G<1!n(0Z#r_S\1!5 WARN,r
_vZ>cT\D<G|Db)5Dj8LH#
< 39. 0}]b1!n(0Z
Z 6 B :/20:Tivoli Identity Manager ~qw 83
6. %wJ~!n(#
K10J~1!n(0Z+r*#
< 40. 0U>G<1!n(0Z
< 41. 0J~1!n(0Z
84 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
7. Z0J~1!n(PdkXh5"%w7(#PXb)VND|`E",kND
Tivoli Identity Manager Server Configuration Guide#
":
1. Identity Manager ~qw URL VND5Gzm~qwD URL(}g,CZG
<= Tivoli Identity Manager D IBM HTTP Server)#
2. +0J~4T1X7|D*z>cD Tivoli Identity Manager 53\m1Dg
SJ~X7#zXk|DKX7,qrarPvDgSJ~X7"M,xJ
~#
8. %w UI#
K1+r* UI !n(0Z#
9. r_S\ UI !n(OD1!5,r_^DUjMX7E"T8(zDi/D(F
06-1T>==M Web X7#0Pm3s!18(ZyPC'gfPT>ZP
mPDnD}?#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#%w7(#
10. %w2+T#
K102+T1!n(0Zr*#
< 42. UI !n(0Z
Z 6 B :/20:Tivoli Identity Manager ~qw 85
g{z.0P!qX!qK WebSphere Application Server 2+T,rb)VNa
;$nd#g{z4tC WebSphere Application Server 2+T,b)VN+*U
W#
":
1. 0EJB C'1M0\k1VNDu<5G053C'1M0\k1VND5#z
I\h*^D0EJB C'1M0\k1VN#EJB C'j6D$HXkYZ 12
vV{#
2. g{zZK53dC02+T10ZP|DK EJB C'j6r EJB \kD5,
rZ20 Tivoli Identity Manager .sh*4PV/=h+2+TG+3d=
ITIM C',Sxt/ Tivoli Identity Manager#
11. %w7(TjI53dC#
12. mb,k7#d|52JZKP Tivoli Identity Manager M`X&CLr9CDd
C#
< 43. 02+T1!n(0Z
86 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
:/20DU>M?<
53dCjI1,k"bTB20U>;C:
m 5. 20U>D~{FM?<
D~{ ?<
dbConfig.stdoutldapConfig.stdoutitim45_installer_debug.txtrunConfig.stdout(kT:/20)runConfigTmp.stdout(Z%;~qwMxg?p\mwO)
{ITIM_HOME}/install_logs
itim45_install.stdoutitim45_install.stderr
53 root
Tivoli_Identity_Manager_InstallLog.log g { 2 0 I & j I , r ? < *
{ITIM_HOME}#g{20'\,U>D~
+Z53 root(UNIX)P Z Windows @
fO#
v UNIX:53 root
v Windows:@f
PXI WebSphere Application Server 20}L4(DU>D|`E",kND
WebSphere Application Server D5#
jI2+TdC
g{zrctC J2EE 2+T,kZ20 Tivoli Identity Manager .s4PTBV/=
hjI3d"XBt/ J2EE 2+T#PX|`E",kNDTBZ].;:
v Z 112 3D:20 Tivoli Identity Manager .s%Zc?pDV/=h;
v Z 115 3D:20 Tivoli Identity Manager .s`Zc?pDV/=h;
v k7# was.policy D~fZ#PX|`E",kNDZ 116 3D:dC was.policy
D~;#
Z20 Tivoli Identity Manager .s9C runConfig20 Tivoli Identity Manager .s,k9C runConfig |n*ngTBwVn/jI
53dC:
v |D enrole C'D\k#
v 8(\kS\"|B Tivoli Identity Manager EJB C'j6M\k#PX|`E",
kNDZ 80 3D:Tivoli Identity Manager Du<dC;PXZ053dC10ZP
D!n(Dhv#
PX9C runConfig |nD|`E",kND Tivoli Identity Manager Server
Configuration Guide#
Z 6 B :/20:Tivoli Identity Manager ~qw 87
P!qX20oT|
g{1!oT;G"o,kZ20 Tivoli Identity Manager sP!qXq!k20 Tivoli
Identity Manager ~qwDoT| CD#9C|nP==420oT|#}g,dkTB
Z]:
java –jar itimlp_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20Lr
feOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java Runtime
Environment 1.3.1#
(e HTTP a0VCT(I!)
zIT!q* WebSphere Application Server (e HTTP a0VCT#PX|`E",
kND WebSphere E"PDZD HTTP a0\mD5#
":g{.s WebSphere Application Server Z Tivoli Identity Manager :/P'\,
a0VCT+9nUC'wK'\-r#
i$Bq~qhC
>ki$ WebSphere Application Server Bq~qhCc;s=IT&mzD5qwLD
Tivoli Identity Manager :X#PX^Db)hCDj8E",kNDZ 110 3D:dC
WebSphere Application Server Bq~qhC;#g{z;^Db)hC,9.\&mz
D5qwL:X,rksZjI.0I\,1#
|B Web ~qwe~
20jIs,k|B Web ~qwe~#*K,kCJ WebSphere Application Server \
mXF("%w73 –> |B Web ~qwe~ –> 7(#
t/:/
20jIRyPXhD2+T^DyQjIs,kXBt/:/#Z WebSphere \mX
F(P,4PTB=h:
1. %w~qw –> :/#
2. !q Tivoli Identity Manager :/#
3. %wt/#Tivoli Identity Manager &Z:/t/1t/#
r_,zIT(}Z:/PDNbFczD|na>{&KPTB|n4t/:/I
1:
{ITIM_DIR}/bin/unix/ssCluster start
":
1. Z0P xg?p\mwDFczOKPK|n+t/{v:/#
2. K|n9+t/ JMS ~qw#
r_,zIT(}Z:/PDNbFczD|na>{&KPTB|n#9:/I
1:
88 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
{ITIM_DIR}/bin/unix/ssCluster stop
":Z0P xg?p\mwDFczOKPK|n+#9{v:/#
bT Tivoli Identity Manager ~qwD(E
*bT}]b"?<~qwM Tivoli Identity Manager ~qwGqQ}7dC"%`(
E,kjITB=h:
1. bT JDBC }/LrT7#|}Z3X(:/I1OKP:
a. Z*<.0,k7#}]b~qwM WebSphere Application Server }ZKP#
PXt/ WebSphere Application Server D|`E",kNDI WebSphere
Application Server a)DD5#
b. k7#zQ}7R= IBM DB2 E*D~#g{z}Z9C IBM DB2 V7.1 r
V7.2,"xPKz7*sD^)|,rk7#Zt/ WebSphere Application Server
.0Z shell PQKPK usejdbc2 shell E>#YNbT,S#g{,S;pw
C,ki$ enrole C'j6M\kyQ}7dC#g{ IBM DB2 }]bG6
LD,k7#T}]b~qwMM'z&CK,; IBM DB2 ^)|6p#
":Fix Pack 3 +Q IBM DB2 V7.1 73(F= IBM DB2 V7.2 ;cICT
6p#PX|`E",kNDZ 99 3D=< B, :kT UNIX Dm~M2
~*s;#
c. CJ WebSphere Application Server \mXF(#
d. %wJ4 –> JDBC a)Lr#!q?jZc#
e. %w/@~qw#!q;v?j~qw,;s%w&C#
f. v/= JDBC a)LrPm"+w ITIM JDBC a)Lr#
g. v/T>DT0r=0d|tT10q#Z0d|tT10qP,%w}]
4#
h. ZT>D0}]41T0rP,%wbT,S#K1+vV;u8>bTa{
D{"#
2. t/ Tivoli Identity Manager ~qwMyPX8&CLr#
CJ WebSphere Application Server \mXF("%w~qw –> :/#!qC:
/"%wt/#
3. G<= Tivoli Identity Manager#}g,Z/@w0ZdkTBZ]:
http://hostname/enrole
dP hostname G}ZKP Tivoli Identity Manager ~qwDFczD+^({r IP
X7#
":
1. k;*Z,;M'zFczOt/=v@"D/@wa0#b=va0+;S
w;va0j6,Sxzz}]Jb#
2. g{z9C%cG<&\G<"h*!q;VoT,kZ Web >cX7s7S
/language#}g,dk:
https://mysite.myco.com/itim/enrole/language
PX*zD Web /@wdC1!oTD|`E",kND Tivoli Identity Manager
Server Configuration Guide#
Z 6 B :/20:Tivoli Identity Manager ~qw 89
4. dk Tivoli Identity Manager \m1C'j6(itim manager)M\k(Z20.s
"LvV,5*0secret1)#
5. 4PX*D=h4(C'(ITIM C')#PX|`E",kND*zozr Tivoli
Identity Manager Policy and Organization Administration Guide#
PX&CKPD}LD|`E",kND Tivoli Identity Manager Server Configuration
Guide#
~qwkzmLrD(E
9Cx Tivoli Identity Manager zmLrD Tivoli Identity Manager 53h*9Czz
$iT7# Tivoli Identity Manager ~qwMzmLr.dD(E2+#
k Tivoli Identity Manager zmLrD$iT&DO$PDXkZ {ITIM_HOME}/cert
?<P#PX\'VD$i`M,kND Tivoli Identity Manager Server Configuration
Guide T0X(zmLrD208O,TKb|`E"#
":
1. k;N20;vzmLrE*D~,"Z20m;vzmLrE*D~.0jI0
;vE*D~D20#,120`vE*D~I\<B Tivoli Identity Manager ~
qw?FXB}<#
2. Z:/dCP20;NzmLrE*D~#PXZ:/dCD24;C20zmL
rE*D~D(i,kNDkTzDX(zmLrDzmLr208O#
3. WebSphere Application Server dC*szmLr$iD}/w;CM20 Tivoli
Identity Manager ~qwD}/w;C;B#}g,g{zZ3v:/I1O20z
mLrE*D~,xZC:/I1O,Tivoli Identity Manager ~qw20Z
{ITIM_HOME}/itim45 P,r$iXk$tZ {ITIM_HOME}/itim45/cert ?<P#
WebSphere Application Server dC2Xk8( {ITIM_HOME}/itim45/cert ?<#
4. g{1!oT;G"o,Z20Z;v Tivoli Identity Manager zmLr0kP!
qXqCk20 Tivoli Identity Manager zmLroT| CD#Z Tivoli Identity
Manager ~qwO9C|nP==420zmLroT|:
java –jar itimlp_agents_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20
LrfeOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java
Runtime Environment 1.3.1#
mSr}%:/I1
>ZhvgNmSr}%:/I1#
9CBFcz)9:/
*+B:/I1mS=VPD Tivoli Identity Manager :/,k4PTB=h:
":b)=h(}9C;(K0;&Z WebSphere %*PDFcz4)9:/#bG.
=(":/D;v}S#
90 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
1. 9C WebSphere Application Server \mXF(4(B:/I1#PX|`E",k
NDZ 108 3D:+ZcmS=%*;#
2. 9C WebSphere Application Server \mXF(,ZZcOmSB:/I1#PX|
`E",kNDZ 109 3D:4(:/;#
3. ZBDFczOKP Tivoli Identity Manager 20}L,"!q:/I120#
4. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF("
%w73 –> |B Web ~qwe~ –> 7(#
5. 9C WebSphere Application Server \mXF(,t/CB:/I1#
9C,;Fcz)9:/
z9IT(}ZPVP:/I1DFczOmSd|:/I14)9:/#
k4PTB=h:
1. Z WebSphere Application Server \mXF(P,ZH0fZ:/I1DFczO4
(B:/I1#
":bG91(":/D;v}S#
2. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF("
%w73 –> |B Web ~qwe~ –> 7(#
3. 9C WebSphere Application Server \mXF(,t/CB:/I1#
}%:/I1
*}%FczP(;D:/I1,k4PTB=h:
v g{FczOvfZ;v:/I1,k4PTBYw:
1. KP Tivoli Identity Manager 6XLr#PX|`E",kNDZ 131 3D=<
G, :6X Tivoli Identity Manager;#
2. Z WebSphere Application Server \mXF(O,S:/>}C:/I1#
3. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF(
"%w73 –> |B Web ~qwe~ –> 7(#
v g{FczOP`v:/I1(91:/),k4PTBYw:
1. Z WebSphere Application Server \mXF(O,S:/>}C:/I1#
2. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF(
"%w73 –> |B Web ~qwe~ –> 7(#
Z 6 B :/20:Tivoli Identity Manager ~qw 91
92 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< A. bL
Tivoli Identity Manager ~qw20a)TBbL(CD)#g{;PPvDyP CD,k
k IBM 'V*5#
CD P;P(iD WebSphere Y1^)Lr PQ77521z7 CD P;Pa)(iDY1^)Lr PQ77521#WebSphere Application Server 5.0.2
{"+][}Y1^)LrG(iC4|}PX WebSphere 6k={"+]'VD
MQJMS2013 XA V4msDLr#
ms{"DZ;PkTBZ]`F:
[8/6/03 13:30:54:484 EDT] f341ce J2CXAResource W J2CA0061W:4(XA ,SkJ4 javax.resource.spi.ResourceAdapterInternalException 1vm:createQueueConnection Zcom.ibm.ejs.jms.JMSCMUtils.mapToResourceException(JMSCMUtils.java:123) &'\
}g,1$ww}ZKP1I\vVKmsR WebSphere Application Server a#9#
4jIDBq^(V4#g{&CY1|,}]ITV4#
*q!KY1^)Lr,kdkX74CJC Web >c:
http://www.ibm.com/support/docview.wss?uid=swg24005451
oT| CDBmVnPvKoT| CD DZ]#
m 6. oT| CD DZ]
z7 D~{
oT| itimlp_setup.jar"itimlp_agents_setup.jar
9C WebSphere Application Server D Tivoli Identity Manager Dy
!zk Solaris CDBmVnPvK9C WebSphere Application Server D Tivoli Identity Manager Dy!
zk Solaris CD y|,DZ]:
m 7. 9C WebSphere Application Server D Tivoli Identity Manager Dy!zk Solaris CDy|,DZ]
z7 D~{
9C WebSphere Application Server D Tivoli
Identity Manager V4.5
instSOL-WAS.bin
kHDAD5 Docs-ReadMeFirst.pdf
© Copyright IBM Corp. 2003 93
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk
Solaris CDBmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk Solaris CD y|,DZ]:
m 8. 9C WebLogic D Tivoli Identity Manager Dy!zk Solaris CD y|,DZ]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instSOL-WL.bin
kHDAD5 Docs-ReadMeFirst.pdf
9d Solaris CD 1BmVnPvK9d Solaris CD 1 DZ]:
m 9. 9d Solaris CD 1 DZ]
z7 D~{
WebSphere Application Server Base V5.0 Fix Pack
2
was50_fp2_solaris.zip
WebSphere Application Server xg?p,f>
5.0 ^)| 2
was50_nd_fp2_solaris.zip
WebSphere Application Server Base V5.0.2 Y1
^)Lr(APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server xg?p,f> 5.0.2 Y1^
)Lr(APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP `kY1^)
Lr(APAR PQ77263)
PQ77263.zip
9d Solaris CD 2BmVnPvK9d Solaris CD 2 DZ]:
m 10. 9d Solaris CD 2 DZ]
z7 D~{
IBM Directory Server V5.1 ids510-solaris-ismp-us.tar
IBM Directory Server V5.1 Fix Pack 1 FP510S-01.tar.Z
IBM Directory Server }Cj{Te~ DelRef/aix/libdelref.a
DelRef/hpux/libdelref.sl
DelRef/nt/libdelref.dll
DelRef/sun/libdelref.so
Tivoli Identity Manager V4.5 dCD~ DelRef/timdelref.conf
94 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
9d Solaris CD 3BmVnPvK9d Solaris CD 3 DZ]:
m 11. 9d Solaris CD 3 DZ]
z7 D~{
IBM DB2 V8.1 Fix Pack 2(32 M 64 ;) Sol-FP2_U486567.tar.Z
9d Solaris CD 4BmVnPvK9d Solaris CD 4 DZ]:
m 12. 9d Solaris CD 4 DZ]
z7 D~{
Oracle Type 4 JDBC }/Lr classes12.zip
Oracle Type 4 JDBC }/LrmI$D~ LI_en
9C WebSphere Application Server D Tivoli Identity Manager Dy
!zk AIX CDBmVnPvK9C WebSphere Application Server D Tivoli Identity Manager Dy!
zk AIX CD y|,DZ]:
m 13. 9C WebSphere Application Server D Tivoli Identity Manager Dy!zk AIX CD y
|,DZ]
z7 D~{
9C WebSphere Application Server D Tivoli
Identity Manager V4.5
instAIX-WAS.bin
kHDAD5 Docs-ReadMeFirst.pdf
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk AIXCD
BmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk AIX CD y|,DZ]:
m 14. 9C WebLogic D Tivoli Identity Manager Dy!zk AIX CD y|,DZ]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instAIX-WL.bin
kHDAD5 Docs-ReadMeFirst.pdf
=< A. bL 95
9d AIX CD 1
":r*s!<xD-r,9d CD P4a)Z AIX O9CD IBM DB2 D Fix Pack
2#*q!Z AIX O9CD IBM DB2 Fix Pack 2,kCJTB FTP >c:
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aix5v8/fixpak/FP2_U486566/
r_CJTB Web >c:
http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/v8fphist.d2w/report#AIX5
BmVnPvK9d AIX CD 1 DZ]:
m 15. 9d AIX CD 1 DZ]
z7 D~{
WebSphere Application Server Base V5.0 Fix Pack
2
was50_fp2_aix.zip
WebSphere Application Server xg?p,f>
5.0 ^)| 2
was50_nd_fp2_aix.zip
WebSphere Application Server Base V5.0.2 Y1
^)Lr(APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server xg?p,f> 5.0.2 Y1^
)Lr(APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP `kY1^)
Lr(APAR PQ77263)
PQ77263.zip
9d AIX CD 2BmVnPvK9d AIX CD 2 DZ]:
m 16. 9d AIX CD 2 DZ]
z7 D~{
IBM Directory Server V5.1 ids510-aix-ismp-us.tar
IBM Directory Server V5.1 Fix Pack 1 FP510A-01.tar
IBM Directory Server }Cj{Te~ DelRef/aix/libdelref.a
DelRef/hpux/libdelref.sl
DelRef/nt/libdelref.dll
DelRef/sun/libdelref.so
Tivoli Identity Manager V4.5 dCD~ DelRef/timdelref.conf
9d AIX CD 3BmVnPvK9d AIX CD 3 DZ]:
m 17. 9d AIX CD 3 DZ]
z7 D~{
Oracle Type 4 JDBC }/Lr classes12.zip
Oracle Type 4 JDBC }/LrmI$D~ LI_en
96 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk
HP-UX CDBmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk HP-UX CD y|,DZ]:
m 18. 9C WebLogic D Tivoli Identity Manager Dy!zk HP-UX CD y|,DZ]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instHPUX-WL.bin
kHDAD5 Docs-ReadMeFirst.pdf
9C WebSphere Application Server D Tivoli Identity Manager Dy
!zk Windows 2000 CDBmVnPvK9C WebSphere Application Server D Tivoli Identity Manager Dy!
zk Windows 2000 CD y|,DZ]:
m 19. 9C WebSphere Application Server D Tivoli Identity Manager Dy!zk Windows2000 CD y|,DZ]
z7 D~{
9C WebSphere Application Server D Tivoli
Identity Manager V4.5
instW2K-WAS.exe
kHDAD5 Docs-ReadMeFirst.pdf
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk
Windows 2000 CDBmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk Windows 2000 CD y|,DZ]:
m 20. 9C WebLogic D Tivoli Identity Manager Dy!zk Windows 2000 CD y|,DZ
]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instW2K-WL.exe
kHDAD5 Docs-ReadMeFirst.pdf
9d Windows 2000 CD 1BmVnPvK9d Windows 2000 CD 1 DZ]:
m 21. 9d Windows 2000 CD 1 DZ]
z7 D~{
WebSphere Application Server Base V5.0 Fix Pack
2
was50_fp2_win.zip
WebSphere Application Server xg?p,f>
5.0 ^)| 2
was50_nd_fp2_win.zip
=< A. bL 97
m 21. 9d Windows 2000 CD 1 DZ] (x)
z7 D~{
WebSphere Application Server Base V5.0.2 Y1
^)Lr(APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server xg?p,f> 5.0.2 Y1^
)Lr(APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP `kY1^)
Lr(APAR PQ77263)
PQ77263.zip
9d Windows 2000 CD 2BmVnPvK9d Windows 2000 CD 2 DZ]:
m 22. 9d Windows 2000 CD 2 DZ]
z7 D~{
IBM Directory Server V5.1 ids510-windows-us.zip
IBM Directory Server V5.1 Fix Pack 1 FP510W-01.zip
IBM Directory Server }Cj{Te~ DelRef\aix\libdelref.a
DelRef\hpux\libdelref.sl
DelRef\nt\libdelref.dll
DelRef\sun\libdelref.so
Tivoli Identity Manager V4.5 dCD~ DelRef\timdelref.conf
9d Windows 2000 CD 3BmVnPvK9d Windows 2000 CD 3 DZ]:
m 23. 9d Windows 2000 CD 3 DZ]
z7 D~{
IBM DB2 V8.1 Fix Pack 2 W2K-FP2.zip
9d Windows 2000 CD 4BmVnPvK9d Windows 2000 CD 4 DZ]:
m 24. 9d Windows 2000 CD 4 DZ]
z7 D~{
Oracle Type 4 JDBC }/Lr classes12.zip
Oracle Type 4 JDBC }/LrmI$D~ LI_en
98 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< B. kT UNIX Dm~M2~*s
>=<PwKkT9C WebSphere Application Server D UNIX D Tivoli Identity Manager
~qwDm~M2~*s#
9C WebSphere D Tivoli Identity Manager DnM UNIX Yw53M2
~*s
Bmj6K UNIX Yw53"9!M20DnM2~*s#b)5;|(d|KP1*
s#KP`V~qw`M,gZ;(FczOKP&CLr~qwM}]b~qw,
CFcz+h*nbD2~J4(|`D RAM)#
m 25. Tivoli Identity Manager DnMYw53M2~*s
Yw53 9! n!Zf"ICELUdMd|2~*s
AIX 5.1¹ TZ9C WebSphere Application Server D
Tivoli Identity Manager ~qw,&C 5100–03,$m~|M APAR IY36884 r|_f>
v RAM:1 GB
v &mw:1S5J* 375 MHz r|_D IBM
604e &mw
v ICELUd:/tmp XkP 1 GB ICEL
Ud#g{ Tivoli Identity Manager 20K
WebSphere Application Server,{WAS_HOME}
XkP 800 MB ICELUd,/var XkP
300 MB ICELUd#* /itim45 Vd 500
MB#
":200R= IBM DB2 E*D~#
Solaris 8² UZ* 2003 j 3 Br.sD9!:/ v RAM:1 GB
v &mw:1S5J* 440 MHz r|_D
Solaris Sparc &mw
v ICELUd:/tmp XkP 1 GB ICEL
Ud#g{ Tivoli Identity Manager 20K
WebSphere Application Server,{WAS_HOME}
XkP 800 MB ICELUd,/var XkP
300 MB ICELUd#* /itim45 Vd 500
MB#
":200R= IBM DB2 E*D~#
© Copyright IBM Corp. 2003 99
m 25. Tivoli Identity Manager DnMYw53M2~*s (x)
Yw53 9! n!Zf"ICELUdMd|2~*s
1. kND http://techsupport.services.ibm.com/server/mlfixes/43/10/01to10.html,Tq!XZ|B AIX f>D|`E"#
2. Solaris:}d|&CLryhDZKhCb,Tivoli Identity Manager 9h*Z /etc/system D~P,PTBZKkE
EN}:
v set shmsys:shminfo_shmmax = 4294967295
v set shmsys:shminfo_shmseg = 1024
v set shmsys:shminfo_shmmni = 1024
v set semsys:seminfo_semaem = 16384
v set semsys:seminfo_semmni = 1024
v set semsys:seminfo_semmap = 1026
v set semsys:seminfo_semmns = 16384
v set msgsys:msginfo_msgmap = 1026
v set semsys:seminfo_semopm = 100
v set semsys:seminfo_semmnu = 2048
v set semsys:seminfo_semume = 256
v set msgsys:msginfo_msgmax = 65535
v set rlim_fd_cur=1024
9C WebSphere D Tivoli Identity Manager ~qwD}]b
BmPvK9C WebSphere D Tivoli Identity Manager ~qwICD}]b:
m 26. 9C WebSphere D Tivoli Identity Manager ~qwICD}]b
}]b f>M^)|r9! AIX 5.1 Solaris 8 W i n d o w s 2 0 0 0Advanced Server
IBM DB2 (C}]bs5f~
qw¹k IBM DB2 KP1M'
z
v x^)| 2 Df>
8.1
v x^)| 9 Df>
7.2
U U U
Oracle 8.1.7 U U U
Microsoft SQL Server SQL Server 2000 U
":
1. IBM DB2 h*_PTBn!ICELUd:
v 20h*Z4( Tivoli Identity Manager }]bD?<(ng /home/db2inst1)PP 1 GB Ud#
9C WebSphere D Tivoli Identity Manager ~qwD?<~qw
BmPvK9C WebSphere D Tivoli Identity Manager ~qwD?<~qw:
100 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
m 27. 9C WebSphere D Tivoli Identity Manager ~qwD?<~qw
?<~qw f>M^)|r9! AIX Solaris 8 W i n d o w s 2 0 0 0Advanced Server
IBM Directory Server v xP Fix Pack 1 D V5.1
v xP Fix Pack 2 D V4.1(Z
Windows NT O9CD V4.1.1)
U
Z AIX 5.1 O
U U
Sun ONE Directory
Server¹
5.1 U
Z AIX 4.3.3Ox;G 5.1
U U
1. mkliTB Web >c:
http://wwws.sun.com/software/download/inter_ecom.html#dirserv
Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qwX
8m~
BmPvKkT Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qw:
m 28. Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qwX8m~
X8m~ f> ^)| Y1^)Lr
IBM HTTP Server¹ 1.3.26 WebSphere Fix Pack 2
":
1. Z&C WebSphere ^)|0z
XkXU HTTP ~qw#
2. Z:/73P,k7#ZyP
_P IBM HTTP Server DF
czO0k WebSphere ^)
|,IBM HTTP Server I\9
F c z | , W e b S p h e r e
Application Server xg?p#
—
WebSphere Application Server
Base²
5.0 WebSphere Fix Pack 2 4UyPvD3r&CTB^)L
r:
v APAR SOV62778(kNDBfD
"M 3#)
v APAR PQ75794
v APAR PQ77263
WebSphere Application Server x
g?p²
5.0 WebSphere Fix Pack 2 &CTB^)Lr:
v APAR SOV62778(kNDBfD
"M 3#)
=< B. kT UNIX Dm~M2~*s 101
m 28. Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qwX8m~ (x)
X8m~ f> ^)| Y1^)Lr
1. IBM HTTP Server |(Z WebSphere Application Server 20}LP#
2. f WebSphere Application Server ;pV"D JDK G\'VD JDK#;'V9C IBM rd{)&La)D@"2
0D JDK#
3. g{zV/20 WebSphere Application Server Base D Fix Pack 2,k+9d CD OD ibmorb.jar D~4F=
{WAS_HOME}/java/jre/lib/ext ?<#ZP WebSphere Application Server xg?pDFczO,+9d CD OD
ibmorb.jar D~4F= {WAS_NDM_HOME}/java/jre/lib/ext ?<#g{zZ20 WebSphere 5.0 Fix Pack 2 s20
KNN WebSphere JDK ^)Lr,rXkZ4FD~ ibmorb.jar 0k WebSphere 'V*5#
\'VD Web /@w
TB Web /@wvZ Windows O\'V:
v x Service Pack 2 D Internet Explorer 5.5
v x Service Pack 1 D Internet Explorer 6.0
v Netscape 4.75
":
1. XktC cookie#
2. k;*Z,;M'zFczOt/=v@"D/@wa0#b=va0+;Sw;
va0j6,Sxzz}]Jb#
3. TZ IE /@w,k7#Q8( Java KP173(JRE)#r*/@w"%w$_ –>Internet !n#%w0_61!n(#v/&\?~Pm#!qk9C Java 2
V1.3.1_04 `FnD4!r#XBt/Fcz#
102 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< C. <8 WebSphere 73
>BhvZ%;~qwr:/dCP20 Tivoli Identity Manager ~qw.04(
WebSphere Application Server 73D;c=h#TZ:/dC,>Ba)20MdC
WebSphere Application Server xg?pM WebSphere Application Server Base D=h#
":XZ|`DE",kND WebSphere Application Server 20D5#
<8 WebSphere Application Server 20
Z20 WebSphere Application Server.0,k7#Pc;DICELUdb9uD~#
PX|`E",kNDZ 99 3D=< B, :kT UNIX Dm~M2~*s;#
7#8(K{"+]'VC'Mi
I!TB=hI7#}78( WebSphere 6k={"+]'VC'Mi:
Z AIX O,4({"+]'ViMC'
kZ AIX O4({"+]'ViMC',k4PTBYw:
1. 4(XhD WebSphere 6k={"+]'Vi mqm M mqbrkrs "4(C'
mqm#+C' mqm mS=i mqm#+ root mS=b=vi#}g,dkTBZ
]:
mkuser mqmmkgroup -A mqmmkgroup -A mqbrkrsuseradd -G mqm mqmchuser groups=mqm,mqbrkrs root
2. *K9|Dz',kT root m]"z,YG<#
":g{zZKP+2@f73,rXUr*EDXF(9;;#9Xkj+"
z#
3. *i$|D,kdkTB|n:
su -rootgroups
7( root GqZ mqm M mqbrkrs iP#
Z Solaris O,8(C'M{"+]'Vi
*Z Solaris O4(BD WebSphere 6k={"+]'VC'M{"+]'Vi,k4
(XhD WebSphere 6k={"+]'Vi mqm M mqbrkrs "4(C' mqm#
+C' mqm mS=i mqm#+ root mS=b=vi#
k4PTB=h:
1. t/ admintool#
2. SNq8%w/@ –> i#
3. %w`- –> mS#
4. Z0i{F1VNPdki mqm,"7#I1PmP|, mqm M root#
© Copyright IBM Corp. 2003 103
5. T mqbrkrs iX4b)=h,"7#I1PmPvP root#
6. *K9|Dz',kT root m]"z,YG<#
":g{zZKP+2@f73,rXUr*EDXF(9;;#9Xkj+"
z#
7# WebSphere 6k={"+]~qwkM'zD Solaris ZK
hC
Z Solaris O,k7#*6k={"+]~qwMM'z8(KTB=SZKhC:
v set shmsys:shminfo_shmmax = 4294967295
v set shmsys:shminfo_shmseg = 1024
v set shmsys:shminfo_shmmni = 1024
v set semsys:seminfo_semaem = 16384
v set semsys:seminfo_semmni = 1024
v set semsys:seminfo_semmap = 1026
v set semsys:seminfo_semmns = 16384
v set msgsys:msginfo_msgmap = 1026
v set semsys:seminfo_semopm = 100
v set semsys:seminfo_semmnu = 2048
v set semsys:seminfo_semume = 256
v set msgsys:msginfo_msgmax = 65535
v set rlim_fd_cur=1024
9CVPD WebSphere MQ V5.3WebSphere 6k={"+]~qwMM'z(WebSphere 6k={"+]'V)G Tivoli
Identity Manager yhD WebSphere 5.0 i~#*I&20b) WebSphere i~,r
Xk}% IBM MQSeries V5.2(g{fZD0)#
g{ WebSphere MQ V5.3 fZZFczO,k7#Z20 WebSphere 6k={"+
]'VM'zM~qw.020TB WebSphere MQ i~:
v xP CSD03 |BD WebSphere MQ V5.3
v ~qwk Java {"+]D WebSphere MQ &\?~
*7(VPDf>,kKP WebSphere MQ a)D mqvr 5CLr#
XZ|`DE",kND WebSphere Application Server 20D5#
KZ 9090 ICTi$
WebSphere Application Server *d\mXF(9CKZ 9090#g{KZ*CZ53O,
zXk* WebSphere &CLrXF(!qmb;vICDKZ#zI(}dkTB|n
bTKZGqZ;9C:
netstat -an | grep 9090
104 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
dC Tivoli Identity Manager :/
TBG:/20MdCD}L:
1. :20 WebSphere Application Server xg?p;
2. Z 106 3D:20 IBM HTTP Server M WebSphere Web ~qwe~;
3. Z 107 3D:Z?vZcO20 WebSphere Application Server Base;
4. Z 108 3D:+ZcmS=%*;
5. Z 109 3D:7# xg?p\mwMZczmLrZKP;
SB4zI4(;vr`v:/,gZ 63 3D:9C xg?p\mw4(:/;Py
v#
20 WebSphere Application Server xg?p
":g{bG}6,WebSphere Application Server xg?p 5.0 I0k= Tivoli Identity
Manager4.4.x w~qwr(z~qwO#
*20 WebSphere Application Server xg?p,kjITB=h:
1. 7(FczGqPc;DZfMICELUd#
2. ka0qCyhD^)|r APAR(g{PD0)#PX|`E",kNDZ 99 3
D=< B, :kT UNIX Dm~M2~*s;#
3. 20u<z7 CD#XZ|`Dz7 CD 0dZ]DE",kNDZ 93 3D=<
A, :bL;#
4. (}dkTBZ],r* WebSphere Application Server xg?p20Lr:
drive_dir:/LaunchPad.sh
5. Zu<T0P,kS\mI$*s#
20Lr+liX8m~#}g,|I\lb1YD9!,gT>UoV{yh
DVe#kNDI WebSphere Application Server xg?pa)DD5,"9dN
Nz7(G#X*D9!#
":ZX8m~li1,20Lr+lbNN WebSphere Application Server xg
?pDH020f>"T>;v(Fk2fT0r#g{z#{=v
WebSphere Application Server xg?pf>2f,k!q0^D2fDK
Z 1 , ; s Z 2 f T 0 r P ^ D K Z E # 2 0 j I 1 , z X k | D
{WAS_ND_HOME}\properties BDD~ wsadmin.properties P SOAP ,SD
KZ5,9.%dBDKZ5#
6. %wB;=#
K1+T>;vJmz!qxg?p&\?~DT0r#
7. S\1!5"%wB;=#
K1+T>;vPv20?j?<"yhUdMICUdDT0r#
8. S\r^D1!?<,"7#Pc;D20Ud,;s%wB;=#
K1+T>;vksZc{"wz{M%*{F5DT0r#
9. S\1!5ra)ksDVN5#}g:
Zc{ S\1!V{.ra)j6ZcDPbeDV{.#}g,hostname
=< C. <8 WebSphere 73 105
wz{r IP X7
dk?jFczD+^(wz{r IP X7#
%*{F
dkj6%*D5#}g,dk:
ITIM_CELL_A1
10. X4%wB;=4/@TBT0r:
v 20**
v 20}L
v z7"a
v jI
v jI
11. X&0Z;=1T0r,CT0ra>zt/~qw"KP20i$bT#9C
TB Web X7CJ\mXF(:
http://networkdeploymenthost:9090/admin
dP networkdeploymenthost GQ20K WebSphere Application Server xg?pD
FczD+^(wz{#
":g{=vf>D WebSphere Application Server xg?p2f,kC20}L
PdCDKZEf;1!KZE#
12. 20XhD^)|r APAR#
":Z20^)|r APAR .0,k#9 WebSphere Application Server xg?
p53#PX|`E",kNDZ 99 3D=< B, :kT UNIX Dm~M2
~*s;#
20 IBM HTTP Server M WebSphere Web ~qwe~
*20 IBM HTTP Server M WebSphere Web ~qwe~,k4PTBYw:
1. 20u<z7 CD#XZ|`Dz7 CD 0dZ]DE",kNDZ 93 3D=<
A, :bL;#
2. 9C WebSphere Application Server Base z7t/20#
3. /@TB20T0r"S\1!hC#
4. 120T0ra)TB!n1,k%w4!r4S\dC:
XBdCz7TkCz7Dd|f>2f
5. /@0Yw536pli1kd|NNliX8m~DT0r#
6. 1;va)C!nDT0rvV1,k!q(F#
7. %wB;=#
K1+T>&\?~!qT0r#
8. Z&\?~!qT0rP,v!qTBwn:
v IBM HTTP Server
v IBM HTTP Server D WebSphere Web ~qwe~
9. %wB;=#
K1+vV;vT>1!?j?<"ICUd5T0yhUd5DT0r#
106 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":g{K20*kT0D202f,IBM HTTP Server 5.0 IT9C1!20?
<,r*|kw* IBM HTTP Server 4.0 20;?V|,D1!?<;,#
10. S\1!?j?<,r^D?j,r^DFczICELUd#%wB;=#
K1+T>;v\a*20D&\?~0d;CDT0r#
11. X4%wB;=4/@|,TBwnDsxT0r:
v }L(f
v z7"a
v jI
12. qC"20yhD WebSphere Application Server Base ^)|(dP9|, IBM
HTTP Server D^)Lr)#PX|`E",kNDZ 99 3D=< B, :kT UNIX
Dm~M2~*s;#
zI WebSphere Web ~qwe~dCD~
zI WebSphere Web ~qwe~DdCD~#Z209!.0,zXk#9 IBM
HTTP Server#k4PTB=h:
1. G<= xg?p\mw\mXF(#
2. SXF(s_0q,%w73 –> |B Web ~qwe~ –> 7(4|B Web ~
qwe~#b+Z?< {NDM_HOME}/config/cells PzI Web ~qwe~dCD
~ plugin-cfg.xml#
3. Ze~|BjIs,k%w#f+zDdC#f=wbP#
":1#fdC1,k!q0kZc,=|D1#
4. g{Z0P xg?p\mwDFczO20 IBM HTTP Server,ri$TBwPf
ZZ http_server_installdir/conf/httpd.conf dCD~P:
":g{ IBM HTTP Server M xg?p\mw20Z;,DFczO,K=h;
GXhD#
v AIX:
WebSpherePluginConfig /usr/WebSphere/DeploymentManager/config/cells/plugin-cfg.xml
v Solaris:
WebSpherePluginConfig /opt/WebSphere/DeploymentManager/config/cells/plugin-cfg.xml
Z?vZcO20 WebSphere Application Server Base(}Z%*D?vI1ZcOX4TB=h,20 WebSphere Application Server Base:
1. t/ WebSphere Application Server Base 20Lr#
2. /@wT0r,1=vVPv*20D&\?~DT0r#
":
1. ZX8m~li1,20Lr+lbNN WebSphere Application Server Base D
H020f>"T>;v(Fk2fT0r#g{z#{=v WebSphere
Application Server Base f>2f,k!q0^D2fDKZ1,;sZ2fT
0rP^DKZE#20jI1,zXk|D {WAS_ND_HOME}\properties BD
D~ wsadmin.properties P SOAP ,SDKZ5,9.%dBDKZ5#
=< C. <8 WebSphere 73 107
2. *a_T\"\b Web XF(YwDyP1ZJb,(i;*20y>&CL
r"&CLr0dM?p$_T0k WebSphere Application Server |,Z;p
D ant 5CLr#
3. %wB;=#
K1+T>;v\a*20D&\?~DT0r#kSPmP!qzh*D&\?
~#
4. X4%wB;=4/@|,TBwnDsxT0r:
v }L(f
v z7"a
v jI
5. 20XhD^)|#PX|`E",kNDZ 99 3D=< B, :kT UNIX Dm~
M2~*s;#
6. (}4PTB=h<8*|,=%*PDBZc:
a. P;= WebSphere bin S?<#
b. 9CTB|nt/~qw:
startServer server1
+ZcmS=%*
Z*<.0,k7# WebSphere Application Server(server1)}ZzkmS=%*DZ
cOKP#
Z xg?p\mw\mXF(O,k4PTBYw+ZcmS=%*:
1. %w53\m –> %*#
2. r*T>DT0rP,%wZc#
3. v/B;vT0r"%w0dC1!n(W?DZc#
4. ZT>D0Zc1T0r,%wmSZc#8(ZcDwz{MKZ,"%w7
(#
K1+T>;v(fZcmS4vDx9T0r#
r_,zIT(}KP addNode.sh E>,;sKP startNode.sh E>+ZcmS=
%*#}g,Zzkw*ZcmSDFczOdkTB|n:
./addNode.sh serverNodeName 8879
./startNode.sh
XBt/Zc
WebSphere Application Server ZZczmLr;mS=%*sT/t/|G#g{ IBM
DB2 G}]b"R IBM DB2 E*D~Z1!ivB;a;R=,rzXk#9Zc
zmLr,;sR= IBM DB2 E*D~"XBt/ZczmLr#
k4PTB=h:
1. #9Zc#kdkTB|n:
{WAS_HOME}/bin/stopNode.sh
2. 9C db2InstanceHome ?<R= IBM DB2 E*D~#XZ|`DE",kNDZ
16 3D:Z?v:/I1FczOR= IBM DB2 E*D~;#
108 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
3. t/Zc#}g,dkTBZ]:
{WAS_HOME}/bin/startNode.sh
4(:/
Z xg?p\mw\mXF(O,k4PTBYw44(:/:
1. %w~qw –> :/#
2. ZsxT0rO,%wB(#
3. dk:/D{F,;s!qOJD~qw,"%wB;=#
4. (}8(:/I1"%w&C,jI0B:/~qw1T0r#Td|:/I1X
48(#1PmjI1,k%wB;=#
5. li:/I1**T7#:/I1PmD}7T#%wjI#
6. +dC#f=wb#
":1#fdC1,k!q0kZc,=|D1#
7# xg?p\mwMZczmLrZKP
*7# xg?p\mwMyP WebSphere Application Server ZczmLr}ZKP,
k4PTBYw:
":g{ IBM DB2 G}]b,rZ AIX M Solaris OzXkZ?v:/I1Fcz
OiR IBM DB2 E*D~T7# Tivoli Identity Manager \;k}]b(E#P
X|`E",kNDZ 16 3D:Z?v:/I1FczOR= IBM DB2 E*D
~;#
1. (}dkTB|n,zIZQ20 xg?p\mwDFczOCJ\mXF(:
http://NDM_host:9090/admin
*7( xg?p\mwD4,,zITZQ20 xg?p\mwDFczOKPT
B|n:
{WAS_NDM_HOME}/bin/serverStatus
*7( JMS ~qw"appserver MZczmLrD4,,kZQ20 WebSphere
Application Server Base DFczOKPTB|n:
{WAS_HOME}/bin/serverStatus
2. T?vZc,k7(GqQ(eR}78(K JDBC }/Lr76D73d?M
{ITIM_HOME}#Z xg?p\mw\mXF(O,%w73 –> \m WebSphered?#}g,lid?PmT7( {ITIM_HOME) D5Gq}7#
3. t/?v:/I1DZczmLr"JMS ~qwM&CLr~qw#}g,%w~
qw –> &CLr~qw#%wm>3~qw(ng server1)D4!r,"%wt
/#
4. Zt/ZczmLrs,*7#ZczmLr}ZKP,k%w53\m –> Zcz
mLr#K1+r*;vT>ZczmLr0|GD4,D0Z#
5. Z/@wO,dk IBM HTTP Server }ZKPyZDFczD Web X7#}g,
dk:
http://myhost.mylab.mycity.mycompany.com/enrole
=< C. <8 WebSphere 73 109
K1+T> Tivoli Identity Manager G<fe#G<= Tivoli Identity Manager &
CLr#
dC WebSphere Application Server Bq~qhC
IZ1! WebSphere Application Server Bq~qhC}M,rx^(&ms`}Dj
<5qwL:X#yT,Xk^Db)Bq~qhC4@9Bq,1#
1! WebSphere Application Server Bq~qhCG:
v BqzfZ,1\F = 120
v M'zGn/4,,1 = 60
b)5XkAYVpvS* 1200 M 600#g{zZF.\sD)&Nq,b)}VI
\XkhCC|_;)#zIT9C WebSphere Application Server \mXF(^Db
)5#
TB}LhvgN|DBq~qhC#g{z*5V Tivoli Identity Manager D:/d
C,rh*T?v:/I1X4b)}L#
1. G<= WebSphere Application Server,"r* WebSphere Application Server \m
XF(#
2. ZXF(s_DwPr*&CLr~qwV',"!qzD~qwD{F#
3. !qZ0=StT1tT?VPDBq~q#
4. ^D0BqzfZ,1\F1M0M'zGn/4,,11hCD5,9|G%d
$FD5qwL:X#
5. %w7(4#f|D#
110 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< D. 2+T<G
>Zhvz\;* Tivoli Identity Manager DKP73mba)D2+T#dP|,T
Bwb:
v :WebSphere D2+T;
v Z 117 3D:dC HTTP ~qwD8C=(;
WebSphere D2+T
2+TtC1,J2EE 2+T7#QZ(DC'5PCJ Tivoli Identity Manager
Enterprise Java Bean(EJB)i~X*DmI(#dCK2+Ti~f0dCO$zFM
C'"am#y]?pGkT%ZcdC9G`ZcdC,V/=haPy;,#
|,TB=h:
1. Z20 Tivoli Identity Manager .0,V/dCO$zFMC'"am#
2. Z Tivoli Identity Manager 20}LP,8(2+TC'j6M\k#
3. Z20Ts,V/+\mC'3d= Tivoli Identity Manager G+#
dC%Zc?pD2+T
>Zhv*%Zc?pdC J2EE 2+Tyh4PDV/=h#
20 Tivoli Identity Manager .0%Zc?pDV/=h
*dC J2EE 2+Ti~,kZ20 Tivoli Identity Manager .04PTBYw:
8(\mC': k4PTBYw48(\mC':
1. ZYw53C'"amP4(r!q;v\mC'#Zsx>}P,CC';Fw
053C'1r wasadmin#
2. ZYw53C'"amP4(r!qm;v\mC'#Zsx>}P,CC';F
w EJB C'r itimadmin#
8(O$zFMC'"am: *8(O$zFMC'"am,k4PTBYw:
1. t/ WebSphere \m~qw"ZXF(G<#
2. %w2+T –> +V2+T#
3. k!qTB!n:
v n/DO$zF:SWAM(r% WebSphere O$zF)
v n/DC'"am:>X OS
4. #fdC|D#
dC>X OS C'"am: *dC>X OS C'"am,k4PTBYw:
1. %w2+T –> C'"am –> >X OS#
2. dk53C'DC'j6(wasadmin)M\k#
3. #fdC|D#
© Copyright IBM Corp. 2003 111
tC2+T: tC2+T#k4PTB=h:
1. %w2+T –> +V2+T#
2. %wtC#
3. g{zktC Java 2 2+T,I!q%w4P Java 2 2+T#g{!PK!n,
ryP&CLryXk'V Java 2 2+T#
4. #fdC|D#
%Zc?ptC2+TsDKP: *T%Zc?ptC2+TsKP,kXBt/
WebSphere \m~qw#1t/\m~qw1,I\*sz8( WebSphere \mC'
j6M\k#}g:
{WAS_HOME}/bin/stopServer.sh server1 [-username wasadmin -password wasadminpassword]{WAS_HOME}/bin/startServer.sh server1 [-username wasadmin -password wasadminpassword]
20 Tivoli Identity Manager .s%Zc?pDV/=h
*jI J2EE 2+Ti~DdC,kZ20 Tivoli Identity Manager .s4PTBYw:
+\mC'3d= Tivoli Identity Manager G+: *+\mC'3d= Tivoli
Identity Manager G+,k4PTBYw:
1. Z WebSphere Application Server \mXF(O,k%w&CLr –> s5&CL
r#
2. %w enRole#
3. Z0=StT1PrBv/"%w+2+TG+3d=C'/i#
4. !q ITIM_SYSTEM 4!r#
5. %wiRC'#
6. %wQw#
7. SPmP!q0EJB C'1(itimadmin)#
8. %w7(#
9. 7#4!P0?vK?1r0yPQO$D?14!r#
":*@94-Z(DCJ,{Cb)4!rG\X*D#
10. #fdC|D#
dC was.policy D~: 7#D~ was.policy fZZZcPDTB?<P:
{WAS_HOME}/config/cells/<cellname>/applications/enRole.ear/deployements/enrole/META-INF
K_TD~Zh Tivoli Identity Manager Z4PYw1yhDmI(#d;K_T4T
Tivoli Identity Manager STNN^F,+G Java 2 2+TDtC'VZ WebSphere
\mDd|&CLrP5)2+T#g{CD~;fZ,kSz7 CD P(;"4FC
D~rZ8(D?<P4(CD~#
D~Z]&CkTBwP`F:
grant codeBase "file:;${application}" {permission java.security.AllPermission;};
(}53C'M EJB C'|B Tivoli Identity Manager dC: g{T53C'M
EJB C'wK|D,zXk(}53C'M EJB C'DB5|B Tivoli Identity Manager
dC#k4PTB=h:
112 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
1. t/53dCLr#*K,kdkTBZ]:
{ITIM_HOME}/bin/runConfig
2. !q02+T1!n(#
K102+T1!n(0Zr*#
3. (}Z>X OS "amP4(D wasadmin C'j6|B053C'1VN0d\
k#
4. (}>X OS "amP4(D itimadmin C'j6|B0EJB C'1VN0d\k#
5. %w7(#
Z%Zc?pPXBt/ Tivoli Identity Manager: *Z%Zc?pPtCK2+
T.sKP,kXBt/ Tivoli Identity Manager "Za>BG<#}g,*XBt/
Tivoli Identity Manager,kdkTBZ]:
{ITIM_HOME}/bin/itim stop.sh wasadmin wasadminpassword{ITIM_HOME}/bin/itim start.sh wasadmin wasadminpassword
hC1!nF,11ddt: 2+T9C;vaZ53&ZGn/4,;(1ddt
s}ZDnF#1!5G 120 VS,TZ9C Tivoli Identity Manager 45I\;;
$#
":Z;)53P,5J,11ddtI\H8(5*L#,1I\h9zG<#1
,1"z1,zXkXU xg?p\mw":/MyPDZczmLr#
*K7#nFP'Z^5cTs=@9bb,1,k4PTBYw:
1. CJ WebSphere Application Server \mXF(#
2. %w2+T –> O$ –> LTPA –> ,1#
< 44. 02+T1!n(0Z
=< D. 2+T<G 113
3. hCnFP'Z^1ddt5,9.,}z>cD53&ZGn/4,Dn$$F
1ddt#
dC`Zc?pD2+T
>Zhv*`Zc?pdC J2EE 2+Tyh4PDV/=h#
20 Tivoli Identity Manager .0`Zc?pDV/=h
*dC J2EE 2+Ti~,kZ20 Tivoli Identity Manager .04PTBYw:
*`Zc2+ThC LDAP: **`Zc2+ThC LDAP,k4PTBYw:
1. 9C?<~qw\m$_4(i/%* ou=wasSecurity,dc=com,dP com ITG
zDi/Ds:#
2. 4(C' cn=wasadmin,ou=wasSecurity,dc=com# ZK>}P,WebSphere Application
Server \mC';8(*53C'(wasadmin)#khCTBVN:
v sn=wasadmin
v uid=wasadmin
v userPassword=wasadminpassword
3. mb,4(C' cn=itimadmin,ou=wasSecurity,dc=com#ZK>}P,Tivoli Identity
Manager \mC';8(* EJB C'(itimadmin)#khCTBVN:
v sn=itimadmin
v uid=itimadmin
v userPassword=itimadminpassword
hCO$zFMC'"am: *hCO$zFMC'"am,k4PTBYw:
1. t/ WebSphere \m~qw"ZXF(G<#
2. %w2+T –> +V2+T#
3. k!qTB!n:
v n/DO$zF:LTPA(a?6Z}=O$)
v n/DC'"am:LDAP
4. #fdC|D#
dCO$zF: *dCO$zF,k4PTB=h:
1. %w2+T –> O$zF –> LTPA#
2. * LTPA O$zF4("7O\k#
3. #fdC|D#
dC LDAP C'"am: *dC LDAP C'"am,k4PTBYw:
1. %w2+T –> C'"am –> LDAP#
2. k!qTB!n:
v ~qwC'j6 = wasadmin
v ~qwC'\k = wasadminpassword
v `M = directoryservertype
dP directoryservertype j6?<~qw,ng IBM_Directory_Server#
v wz = ITIM LDAP ~qwwz{
114 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
v y>(P{F(DN):ou=wasSecurity,dc=com
v y>(P{F(DN):dks((P{F,ng cn=root#
v BIND \k:dks((P{FD\k#
v vTs!4:!PK!n
3. #fdC|D#
tC2+T: *tC2+T,k4PTBYw:
1. %w2+T –> +V2+T#
2. %wtC#
3. g{zktC Java 2 2+T,I!q%w4P Java 2 2+T#g{!PK!n,
ryP&CLryXk'V Java 2 2+T#
4. #fdC|D#
`Zc73PtC2+T.sDKP: *ZtC2+T.sKP,k4PTBYw:
1. Z0P xg?p\mwDFczO,dk:
{WAS_NDM_HOME}/bin/stopManager.sh [-username wasadmin -password wasadminpassword]{WAS_NDM_HOME}/bin/startManager.sh [-username wasadmin -password wasadminpassword]
2. Zd|0PZczmLrDFczO,dk:
{WAS_HOME}/bin/stopNode.sh [-username wasadmin -password wasadminpassword]{WAS_HOME}/bin/startNode.sh [-username wasadmin -password wasadminpassword]
3. XBt/:/#k4PTB=h:
a. ZXF(O9C wasadmin C'j6M\kG<= WebSphere \m~qw#
b. %w~qw –> :/#
c. !q:/#
d. %w#9"%wt/#
4. XBt/ JMS ~qw#k4PTB=h:
a. G<= WebSphere \m~qw#
b. %w~qw –> JMS ~qw#
c. !q~qw#
d. %w#9"%wt/#
20 Tivoli Identity Manager .s`Zc?pDV/=h
*jI J2EE 2+Ti~DdC,kZ20 Tivoli Identity Manager .s4PTBYw:
+\mC'3d= Tivoli Identity Manager G+: *+\mC'3d= Tivoli
Identity Manager G+,k4PTBYw:
1. Z WebSphere Application Server \mXF(O,k%w&CLr –> s5&CL
r#
2. %w enRole#
3. Z0=StT1PrBv/"%w+2+TG+3d=C'/i#
4. !q ITIM_SYSTEM 4!r#
5. %wiRC'#
6. %wQw#
7. SPmP!q EJB C'(itimadmin)#
=< D. 2+T<G 115
8. %w7(#
9. 7#4!P0?vK?1r0yPQO$D?14!r#
":*@94-Z(DCJ,{Cb)4!rG\X*D#
10. #fdC|D#
dC was.policy D~: 7#D~ was.policy fZZ xg?p\mwZcDTB
?<P:
{WAS_NDM_HOME}/config/cells/<cellname>/applications/enRole.ear/deployements/enrole/META-INF
K_TD~Zh Tivoli Identity Manager Z4PYw1yhDmI(#d;K_T4T
Tivoli Identity Manager STNN^F,+G Java 2 2+TDtC'VZ WebSphere
\mDd|&CLrP5)2+T#g{CD~;fZ,kSz7 CD P(;"4FC
D~rZ8(D?<P4(CD~#
D~Z]&CkTBwP`F:
grant codeBase "file:;${application}" {permission java.security.AllPermission;};
+ WebSphere Application Server xg?pdCk%*PDZc,=#XBt/ Tivoli
Identity Manager :/#
Z`Zc73PXBt/ Tivoli Identity Manager: *XBt/ Tivoli Identity
Manager,k4PTBYw:
1. %w~qw –> :/#
2. !q:/{FT_D4!r#
3. %w#9#H}:/#9,;s%wt/#
hC1!nF,11ddt: 2+T9C;vaZ53&ZGn/4,;(1ddt
s}ZDnF#1!5G 120 VS,TZ9C Tivoli Identity Manager 45I\;;
$#
":Z;)53P,5J,11ddtI\H8(5*L#,1I\h9zG<#1
,1"z1,zXkXU xg?p\mw":/MyPDZczmLr#
*K7#nFP'Z^5cTs=@9bb,1,k4PTBYw:
1. CJ WebSphere Application Server \mXF(#
2. %w2+T –> O$ –> LTPA –> ,1#
3. hCnFP'Z^1ddt5,9.,}z>cD53&ZGn/4,Dn$$F
1ddt#
{C J2EE 2+T
*9C WebSphere \mXF({C J2EE 2+T,k4PTBYw:
1. %w2+T –> +V2+T#
2. !{!P({C)2+TM Java 2+T#
3. #9,;st/yPDZczmLr"JMS ~qwM&CLr~qw#
116 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
dC HTTP ~qwD8C=(
*a)d|2+T,IZ Tivoli Identity Manager j+20.sdC HTTP ~qw(n
g IBM HTTP Server),9.$tZ%*b?Fcz#bv}L|,20 Web ~q
w"S xg?p\mw4FtID~,T0dC Web ~qwZ~qwt/10kkd
C WebSphere #i#
TB>}kT Solaris =(OD IBM HTTP Server r Apache#kkTzD=(`&4
PTB=h:
1. Zb?FczO,20MdC HTTP ~qw#
2. Z http_server_dir/conf ?<B4({F* WebSphere D?<#
3. S xg?p\mwFcz+TBD~4F=?< http_server_dir/conf/WebSphere:
v was_deployment_mgr/bin/mod_ibm_app_server_http.so
v was_deployment_mgr/config/cells/plugin-cfg.xml
v was_deployment_mgr/etc/plugin-key.kdb
v was_deployment_mgr/etc/plugin-key.sth
4. Z%*Db?FczO,CD>`-wr* plugin-cfg.xml D~"4PTB|D:
v +?< was_deployment_mgr/etc/ DyP5}|D*?<
http_server/conf/WebSphere P#2MGC /opt/IBMHttpServer/conf/WebSphere
f; /opt/WebSphere/DeploymentManager/etc#
< 45. v?M2+TD HTTP ~qwdC
=< D. 2+T<G 117
v +D~ http_plugin.log D?<|D* http_server/logs#2MG+
/ o p t / W e b S p h e r e / A p p S e r v e r / l o g s / h t t p _ p l u g i n . l o g f ; *
/opt/IBMHttpServer/logs/http_plugin.log#
5. 9CD>`-wr* http_server_home/conf/httpd.conf D~?<,"ZD~)2mS
TBP:
# WebSphere plugin settingsLoadModule ibm_app_server_http_module http_server/conf/WebSphere/mod_ibm_app_server_http.soWebSpherePluginConfig http_server/conf/WebSphere/plugin-cfg.xml
}g,dkTBZ]:
# WebSphere plugin settingsLoadModule ibm_app_server_http_module /opt/IBMHttpServer/conf/WebSphere/mod_ibm_app_server_http.soWebSpherePluginConfig /opt/IBMHttpServer/conf/WebSphere /plugin-cfg.xml
":7# WebSphere Application Server Fix Pack 2 920ZP WebSphere Web ~
qwe~DFczO#
118 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< E. S Tivoli Identity Manager 4.3 }6= Tivoli IdentityManager 4.5
>ZhvS9C WebLogic D Tivoli Identity Manager V4.3 +T0D}]M#=}6
=9C WebSphere Application Server D Tivoli Identity Manager V4.5#
*jI(F,WH+9C WebLogic D Tivoli Identity Manager V4.3 20}6=9C
WebLogic D Tivoli Identity Manager V4.5#K}L+}6 Tivoli Identity Manager V4.3
}]bM LDAP ?<,9.k Tivoli Identity Manager V4.5 f]#u<}6s,B2
0D9C WebSphere Application Server D Tivoli Identity Manager V4.5 +20Zm
bD20D~PP,;sxPdC#
*<0
S Tivoli Identity Manager V4.3 }6= Tivoli Identity Manager V4.5 0,k4PTB
Yw:
1. }6MdCyPtZVP Tivoli Identity Manager 73;?VDm~,TzcBD
Tivoli Identity Manager f>D*s#b|((F}]b0?<~qwr*|G20
9!#
2. Z?<~qw}6}LP,+(h Tivoli Identity Manager SwPDu?,TiR
V{. enrole(;xVs!4)#g{tT5|,V{. enrole,CV{.+|D
* itim#yPtTPDKV{.<+f;,+PZ
{ITIM_HOME}\data\enRoleUnchangedAttributes.properties D~PDtT}b#
Z*<4P}6}L0,k+ Tivoli Identity Manager 4.3 LDAP SwDZ]<v=
LDIF D~#Z LDIF D~PQwV{. enrole#g{zR=|,Z}6}LP;
&|DD5DtT1,k4PTBYw:
a. Z Tivoli Identity Manager 4.5 20}LPT LDAP ?<}6!qq#
b. `- {ITIM_HOME}\data\enRoleUnchangedAttributes.properties D~TmSt
T{F#
c. V/wC LDAP ?<}6#
3. 7#?<~qwQt/RZKP#
4. 8]yP10 Tivoli Identity Manager E",|(tTD~MdChC#b)D~
Z {ITIM_HOME}/data P#
5. 7#]RSPPDyPn<Qe}"RyPXVwHB~(ngVP-w)Q>
}#1S Tivoli Identity Manager V4.3 }6= Tivoli Identity Manager V4.5 1;
'V$ww#f#Z}6.04jIbvNqI\<B Tivoli Identity Manager V4.5
"TA!XVr]RB~(T02014(D)1vVl##
6. g{zZ9C Oracle, k4PTBYw:
v t/ Oracle:
# su - oracle# svrmgrl> connect internal> startup> quit
© Copyright IBM Corp. 2003 119
v t/ Oracle l}w~q:
# su - oracle# Insrctl start
S9C WebLogic D Tivoli Identity Manager 4.3 }6=9C WebLogicD Tivoli Identity Manager 4.5
>Zhv+9C WebLogic D Tivoli Identity Manager 4.3 20}6=9C WebLogic
D Tivoli Identity Manager 4.5 20yXhD=h#XkjIK}6.s,E\209
C WebSphere Application Server D Tivoli Identity Manager 4.5#
1. wC Tivoli Identity Manager 4.5 WebLogic 20Lr,"Lx}#4P20r<1
=vV0zQ20 BEA WebLogic Server 7.0 p?1T0r#
2. %wq#
K1+T>0zkLx20p?1T0r#
3. %wG#
K1+T>0zF.ZN&20 WebLogic Server?1T0r#
4. %wB;=TS\1! WebLogic Server ?<#
K1+T>0!q20D~P1T0r#
5. dk Tivoli Identity Manager 4.3 Dw?<#
K1+T>0zk}6p?1T0r#
6. %wG#
K1+T>020}LPzk}6 LDAP ?<p?1T0r#
7. %wG#b+t/ LDAP ?<}6#
":(}!qq,zI!qZ20s}6 LDAP ?<#20s,kwC bin ?<
PD ldapUpgrade 5CLr#
#=|BjIs,+T>0}]b#=}6QjI1T0r#
8. %w7(#
LDAP }6jI1,+T>0QI&}6?<~qw#=M}]1T0r#
9C WebLogic D Tivoli Identity Manager 4.3 }6=9C WebLogic D Tivoli Identity
Manager 4.5 QjI#
209C WebSphere Application Server D Tivoli Identity ManagerV4.5
>ZhvZS9C WebLogic D Tivoli Identity Manager V4.3 xP}6b;X(OB
DP209C WebSphere Application Server D Tivoli Identity Manager V4.5 yXh
D=h#
1. wC Tivoli Identity Manager 4.5 WebSphere 20Lr,"Lx}#4P20r<
1=vV0!q20?<1T0r#
2. !q;vk-< Tivoli Identity Manager 4.3 20;,DD~P420 Tivoli Identity
Manager 4.5#}g,itim45#
K1+T>0!q}]b`M1T0r#
120 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
3. !q Tivoli Identity Manager 4.3 20y9CDVP}]b`M#
4. Lx4PdM20,1=T>0}]bdCLr1T0r#
5. %w!{#
K1+T>0?<dC1T0r#
6. %w!{#
K1+vV053dC$_1T0r#
7. !q0?<1!n("dkVP?<~qwD,SE"#
8. %wbTTi$dkD,SE"G}7D#
9. !q0}]b1!n("dkVP}]bD,SE"#
10. %wbTTi$dkD,SE"G}7D#
11. %w0J~1!n(#
K10J~1!n(0Z+r*#
12. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
13. %w7("jI20#
209C WebSphere Application Server D Tivoli Identity Manager 4.5 QjI#
dCB20
>ZhvjIS9C WebLogic D Tivoli Identity Manager 4.3 (F=9C WebSphere
Application Server D Tivoli Identity Manager 4.5 yXhDdC=h#kvZS9C
WebLogic D Tivoli Identity Manager 4.3 }6=9C WebLogic D Tivoli Identity
Manager 4.5 "jIT9C WebSphere Application Server D Tivoli Identity Manager
4.5 D20s,jI>ZPD=h#
1. + CustomLabels.properties S Tivoli Identity Manager 4.3 data SD~P4F=
Tivoli Identity Manager 4.5 data SD~P#
2. ^D Tivoli Identity Manager 4.5 enRole.properties D~PDTBtT,9.%d
f"Z Tivoli Identity Manager 4.3 enRole.properties PDtT:
v enrole.defaulttenant.id
v enrole.organization.name
=< E. S Tivoli Identity Manager 4.3 }6= Tivoli Identity Manager 4.5 121
122 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5
>ZhvgNS Tivoli Identity Manager V4.4.x }6= Tivoli Identity Manager V4.5#
>ZjvK%;~qwM:/ Tivoli Identity Manager dCD}6#
Tivoli Identity Manager }6}LIV*=vWN:
v }6X8m~#zXk}6MdCw*VP Tivoli Identity Manager 73;?VDy
Pm~E\zcB Tivoli Identity Manager f>D*s#b|((F}]b0?<~
qwr*|G209!#
v 9C Tivoli Identity Manager 20Lr20 Tivoli Identity Manager DBf># Tivoli
Identity Manager 20Lr+}6 Tivoli Identity Manager Bf>*9CD}]bm"
?<~qw#=MtTD~#
":
1. >ZPa)D}68>E"Y(z+20MdC WebSphere Application Server V5.0
DB20,R|k WebSphere Application Server V4.0 2f#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}/properties/wsadmin.properties PD com.ibm.ws.scripting.port D5k
TBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}/config/cells/<cell_name>/nodes/<node_name>/serverindex.xml
g;P%dD5,Tivoli Identity Manager ?pM Tivoli Identity Manager/WebSphere
Application Server dC+'\#
g{z;k#t WebSphere Application Server V4.0 D20,rXk9C WebSphere
Application Server V4.0 6XLrV/6X|#
2. g{zrc9C Tivoli Identity Manager V4.5 20Lr420 WebSphere Application
Server V5.0,rXk6XTBz7:
v WebSphere Application Server 4.0
v IBM MQSeries
v IBM MQSeries 'V| MA88
3. }6.s,H0DsFMU>}]I\kB}]^X#
*<0
S Tivoli Identity Manager V4.4.x }6= Tivoli Identity Manager V4.5 0,k4PT
BYw:
1. 8]yP10 WebSphere Application Server dChC,|( Tivoli Identity Manager
4.4.x DhC#b)D~Z {WAS_HOME}/config P#
2. 8]yP10 Tivoli Identity Manager E",|(tTD~MdChC#b)D~
Z {ITIM_HOME}/data P#
3. 8]?<~qw#kNDT&ZzDz7DD5#
4. 8]}]b#kNDT&ZzDz7DD5#
© Copyright IBM Corp. 2003 123
5. 7#2073zcr,} Tivoli Identity Manager V4.5 hs#kNDZ 99 3D=
< B, :kT UNIX Dm~M2~*s;#
6. }6?<~qwM}]bm~Tzc Tivoli Identity Manager V4.5 D20hs#k
NDZ 99 3D=< B, :kT UNIX Dm~M2~*s;#
7. 7#]RSPPDyPn<Qe}"RyPXVwHB~(ngVP-w)Q>
}#S Tivoli Identity Manager V4.4 }6= Tivoli Identity Manager V4.5 1;'
V$ww#f#Z}6.04jIbvNqI\<B Tivoli Identity Manager V4.5 "
TA!XVr]RB~(T02014(D)1vVl##
8. <8 WebSphere Application Server 73.kNDZ 103 3D:<8 WebSphere
Application Server 20;#
9. g{JC,kXU:/#
}6%;~qwdC
>Z|(}6 Tivoli Identity Manager %;~qwdC}L#jIV*TBNqiD}
L:
1. 20 WebSphere Application Server Base 5.0#kNDZ 107 3D:Z?vZcO2
0 WebSphere Application Server Base;Tq!}LE"#vTNNX(Z xg?
p\mwr:/DE"#
2. S Tivoli Identity Manager 4.4.x }6= 4.5#kND:S Tivoli Identity Manager
4.4.x }6= 4.5;Tq!}LE"#
S Tivoli Identity Manager 4.4.x }6= 4.5>Z|(S Tivoli Identity Manager 4.4.x }6= 4.5 D}L#
1. t/ Tivoli Identity Manager 20Lr:
v AIX:instAIX-WAS.bin
v Solaris:instSOL-WAS.bin
K106-10Z+r*#
2. !q!1DoT"%w7(#
K10mI$-i10Z+r*#
3. DAmI$-i"7(GqS\dun#g{S\,k!qS\"%wB;=#
K10!q20`M10Z+r*#
4. !q%;~qw"%wB;=#
K10!q20?<10Z+r*#
5. %w!q...."!q Tivoli Identity Manager 4.4.x w?<#
6. %wB;=#
K1vV0zkS 4.4 }6= 4.5 p?1T0r#
7. !qG#
K1vV0WebSphere ;C7O1T0r#
8. 7O WebSphere w?<;C"%wB;=#
K1vV0!q WebSphere 2+T1T0r#
124 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
9. 7( WebSphere +V2+TZzD53PGq*n/D#g{ WebSphere +V2
+T&Zr*4,,r%w tC WebSphere 2+T,qr!q {C
WebSphere 2+T#g{!q0tC WebSphere 2+T1"%wB;=,+m
bvV;v0Z,*sz8( WebSphere Application Server C'j6M\k#P
X|`E",kNDZ 111 3D=< D, :2+T<G;#
K1+vV08(S\\?1T0r#
10. a)S\\?"%wB;=#
K1+vV0$20**1T0r#
11. %w20#
K1+vV053dC$_1T0r#
12. %w0J~1!n(#
K10J~1!n(0Z+r*#
13. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
14. %w7("jI20#
":
1. }6}L&CqCT0dCD}]bT0 LDAP ~qw8kDE"#g{z^(,
S=b)J4,IT9C053dC$_1*b)53XBdC,StT#kND
Tivoli Identity Manager Server Configuration Guide,Tq!53dC$_E"#
2. g{Z20ZdSU=XZ enrole.ear D~Dms{",xg?p\mw I\;
\,S= SOAP KZ#k7#* SOAP dCDKZGZ WebSphere 5.0 20Zd
dCDKZ#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}/properties/wsadmin.properties PD com.ibm.ws.scripting.port D5k
TBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}/config/cells/<cell_name>/nodes/<node_name>/serverindex.xml
g;P%dD5,Tivoli Identity Manager ?pM Tivoli Identity Manager/WebSphere
Application Server dC+'\#
}6:/dC
>Z|(}6 Tivoli Identity Manager :/dCD}L#b)}LVITBwNqi:
1. *:/dC20MdC WebSphere i~:
a. 20 WebSphere Application Server xg?p#kNDZ 105 3D:20
WebSphere Application Server xg?p;Tq!}LE"#
b. 20 IBM HTTP Server M Web e~i~#kNDZ 106 3D:20 IBM HTTP
Server M WebSphere Web ~qwe~;Tq!}LE"#
c. Z(z~qwO20 WebSphere Application Server Base 5.0#kNDZ 107 3
D:Z?vZcO20 WebSphere Application Server Base;Tq!}LE"#
d. dC:/73#kNDZ 105 3D:dC Tivoli Identity Manager :/;Tq!
|`E"#
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5 125
2. * xg?p\mw53+ Tivoli Identity Manager 4.4.x }6= 4.5#kND:* x
g?p\mw53+ Tivoli Identity Manager 4.4.x }6= 4.5;Tq!}LE"#
3. *I1Zc53+ Tivoli Identity Manager 4.4.x }6= 4.5#kNDZ 127 3D:*
I153+ Tivoli Identity Manager 4.4.x }6= 4.5;Tq!}LE"#
* xg?p\mw53+ Tivoli Identity Manager 4.4.x }6=
4.5>Z|(Zw\ xg?p\mw53D53OS Tivoli Identity Manager 4.4.x }6=
4.5 D}L#
":WebSphere Application Server xg?p 5.0 I0k= Tivoli Identity Manager 4.4.x
w~qwr(z~qwP#
1. Z xg?p\mwFczOt/ Tivoli Identity Manager 20Lr:
v AIX:instAIX-WAS.bin
v Solaris:instSOL-WAS.bin
K106-10Z+r*#
2. !q!1DoT"%w7(#
K10mI$-i10Z+r*#
3. DAmI$-i"7(GqS\dun#g{S\,k!qS\"%wB;=#
K10!q20`M10Z+r*#
4. !q:/"%wB;=#
K10X*E"10Z+r*#
5. %wB;=#
K10!q20?<10Z+r*#
6. %w!q...."!q Tivoli Identity Manager 4.4.x w?<#
7. %wB;=#
K1+vV0zkS 4.4 }6= 4.5 p?1T0r#
8. !qG#
K10!q:/Zc`M10Z+r*#
9. !qZc`MD xg?p\mw"%wB;=#
K1+vV0WebSphere ;C7O1T0r#
10. 7O WebSphere w?<;C"%wB;=#
K1+vV0!q:/{F1T0r#
11. a)Z xg?p\mwZ4(D:/{F#
12. %wB;=#
K1+vV0!q WebSphere 2+T1T0r#
13. 7( WebSphere +V2+TZzD53PGq*n/D#g{ WebSphere +V2
+T&Zr*4,,r%w tC WebSphere 2+T,qr!q {C
WebSphere 2+T#g{!q0tC WebSphere 2+T1"%wB;=,+m
bvV;v0Z,*sz8( WebSphere Application Server C'j6M\k#P
X|`E",kNDZ 111 3D=< D, :2+T<G;#
126 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
K1+vV08(S\\?1T0r#
14. a)S\\?"%wB;=#
K1+vV0$20**1T0r#
15. %w20#
":g{Z20ZdSU=XZ enrole.ear D~Dms{",xg?p\mw I
\;\,S= SOAP KZ#k7#* SOAP dCDKZGZ WebSphere 5.0
20ZddCDKZ#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}/properties/wsadmin.properties PD com.ibm.ws.scripting.port D
5kTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}/config/cells/<cell_name>/nodes/<node_name>/serverindex.xml
g;P%dD5,Tivol i Ident i ty Manager ?pM Tivol i Ident i ty
Manager/WebSphere Application Server dC+'\#
K1+vV053dC$_1T0r#
16. %w0J~1!n(#
K10J~1!n(0Z+r*#
17. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
":0Identity Manager ~qw URL1VN5Gz(;h|DD5#zITZK1
a)d|053dC$_1!n(D=SE"#
18. %w7("jI20#
":}6}L&CqCT0dCD}]bT0 LDAP ~qw8kDE"#g{z^(,
S=b)J4,IT9C053dC$_1*b)53XBdC,StT#kN
D Tivoli Identity Manager Server Configuration Guide,Tq!53dC$_E"#
*I153+ Tivoli Identity Manager 4.4.x }6= 4.5>Z|(Z:/I153PS Tivoli Identity Manager 4.4.x }6= 4.5 D}L#
":WebSphere Application Server xg?p 5.0 I0k= Tivoli Identity Manager 4.4.x
w~qwr(z~qwP#
1. ZI1ZczwOt/ Tivoli Identity Manager 20Lr:
v AIX:instAIX-WAS.bin
v Solaris:instSOL-WAS.bin
K106-10Z+r*#
2. !q!1DoT"%w7(#
K10mI$-i10Z+r*#
3. DAmI$-i"7(GqS\dun#g{S\,k!qS\"%wB;=#
4. %wB;=#
K10!q20`M10Z+r*#
5. !q:/"%wB;=#
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5 127
K10X*E"10Z+r*#
6. %wB;=#
K10!q20?<10Z+r*#
7. %w!q...."!q Tivoli Identity Manager 4.4.x w?<#
8. %wB;=#
K1+vV0zkS 4.4 }6= 4.5 p?1T0r#
9. !qG#
K10!q:/Zc`M10Z+r*#
10. !qZc`MD0:/I11"%wB;=#
K1+vV0WebSphere ;C7O1T0r#
11. 7O WebSphere w?<;C"%wB;=#
K1+vV0!q:/{F1T0r#
12. a)Z xg?p\mwZ4(D:/{F#
13. %wB;=#
K1+vV0!q WebSphere 2+T1T0r#
14. 7( WebSphere +V2+TZzD53PGq*n/D#g{ WebSphere +V2
+T&Zr*4,,r%w tC WebSphere 2+T,qr!q {C
WebSphere 2+T#g{!q0tC WebSphere 2+T1"%wB;=,+m
bvV;v0Z,*sz8( WebSphere Application Server C'j6M\k#P
X|`E",kNDZ 111 3D=< D, :2+T<G;#
K1+vV08(S\\?1T0r#
15. a)S\\?"%wB;=#
K1+vV0$20**1T0r#
16. %w20#
":g{Z20ZdSU=XZ enrole.ear D~Dms{",xg?p\mw I
\;\,S= SOAP KZ#k7#* SOAP dCDKZGZ WebSphere 5.0
20ZddCDKZ#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}/properties/wsadmin.properties PD com.ibm.ws.scripting.port D
5kTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}/config/cells/<cell_name>/nodes/<node_name>/serverindex.xml
g;P%dD5,Tivol i Ident i ty Manager ?pM Tivol i Ident i ty
Manager/WebSphere Application Server dC+'\#
K1+vV053dC$_1T0r#
17. %w0J~1!n(#
K10J~1!n(0Z+r*#
18. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
":0Identity Manager ~qw URL1VN5Gz(;h|DD5#zITZK1
a)d|053dC$_1!n(D=SE"#
128 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
19. %w7("jI20#
":}6}L&CqCT0dCD}]bT0 LDAP ~qw8kDE"#g{z^(,
S=b)J4,IT9C053dC$_1*b)53XBdC,StT#kN
D Tivoli Identity Manager Server Configuration Guide,Tq!53dC$_E"#
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5 129
130 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< G. 6X Tivoli Identity Manager
Tivoli Identity Manager 6X}L+6XTBwn:
v Tivoli Identity Manager,|,Z Tivoli Identity Manager 20}LP4F=?j53
DyP {ITIM_HOME} D~
v Z WebSphere Application Server O* Tivoli Identity Manager 4(D Tivoli Identity
Manager &CLrMdChC
6X Tivoli Identity Manager ;a^DVP}]bmr?<~qw#=#Tivoli Identity
Manager 6XLr+S WebSphere Application Server P}% Tivoli Identity Manager
&CLr#
*6XI\Z Tivoli Identity Manager 20}LP20Dd|z7,ng WebSphere
Application Server r IBM HTTP Server,kNDT&ZCz7DD5#
":g{S:/dC6X Tivoli Identity Manager,kHSyP:/I1}% Tivoli
Identity Manager,YS0P xg?p\mwDFczP}% Tivoli Identity
Manager#
*<0
g{Z6X Tivoli Identity Manager 0rc#f WebSphere PD Tivoli Identity Manager
dCE",k8] WebSphere dCD~#
1. t/ WebSphere Application Server#XZt/K~qwD|`E",kNDI
WebSphere Application Server a)DD5#
2. Zw\ WebSphere Application Server DFczOKPTB|n4Fw;v8]D~:
{WAS_HOME}/bin/backupConfig.sh
K|n4(;v|,yP10 Tivoli Identity Manager dChCD9uD~,ng
WebSphereConfig_2003–07–10.zip#KD~4(ZzKP backupConfig |nD?<
P#
":*4-dChC,kKPTB|n:
{WAS_HOME}/bin/restoreConfig.sh WebSphereConfig_datevalue.zip
":
1. g{*S:/dC6X Tivoli Identity Manager,k7# xg?p\mw}ZKP#
mb,*K,V&CLr~qwM xg?p\mw.dD(E,Z4P6X}L.
09&i$ZczmLr}Z53OKP#
2. g{;P JVM 1.3 D>X1>r;P>XD WebSphere Application Server Base 2
0$tZ53O,rS xg?p\mw536X Tivoli Identity Manager 1av=
J b # Z b V i v B , z I T 2 0 ; v J V M 1 . 3 > X 1 > , r | B
<ITIM_HOME>/itimUninstallerData/Uninstall_ITIM.lax LAX D~D JVM (e#
k+BP:
lax.nl.current.vm=/java/bin/java
© Copyright IBM Corp. 2003 131
|D*
lax.nl.current.vm=<was_ndm_home>/java/bin/java
3. g{*4P6L6X,k(} Telnet ==G<=0P Tivoli Identity Manager Dz
w"+6LT><v=>Xzw:
<localmachine># xhost +<localmachine># telnet <fully qualified hostname or ip address><remotemachine># export DISPLAY=<fully qualified hostname or ip address>:0.0
6X Tivoli Identity Manager D=h
*6X Tivoli Identity Manager,k4PTBYw:
1. Z0P Tivoli Identity Manager DFczOKPTB|nT6X Tivoli Identity
Manager &CLr:
{ITIM_HOME}/itimUninstallerData/Uninstall_ITIM
2. Lx4P6Xr<fe,T7Oz#{6X Tivoli Identity Manager#
3. Z6XI&jIs,SD~53}% Tivoli Identity Manager DyPfZD?<"
dCD~MU>D~#
Tivoli Identity Manager 6XLr9}%?pZ WebSphere Application Server D Tivoli
Identity Manager &CLr#
*i$ Tivoli Identity Manager QS WebSphere Application Server w*&CLr;6
X"}%,k4PTBYw:
1. t/ WebSphere Application Server \mXF("G<#
2. S<=wP,/@?jZc"%wZ|.BDs5&CLr4S#
K1+T>;v20Z&CLr~qwODs5&CLrDPm#g{z4={*
enRole D&CLrPZdP,r Tivoli Identity Manager 6XLr4\T/S
WebSphere Application Server }% Tivoli Identity Manager &CLr#zITV/
}%&CLr#g{ZPmP4R= enRole &CLr,r Tivoli Identity Manager
6XLrQS WebSphere Application Server PI&}%K Tivoli Identity Manager
6XLr#
*S WebSphere Application Server w*&CLrV/}% Tivoli Identity Manager,
k4PTBYw:
1. t/ WebSphere Application Server \mXF("G<#
2. S<=wP,/@?jZc"%wZ|.BDs5&CLr4S#
K1+T>;v20Z&CLr~qwODs5&CLrDPm#
3. !q enRole &CLrT_D4!r#
4. %w#94%#
5. 1I	 enRole &CLr1,k!q enRole &CLrT_D4!r#
6. %w6X4%#
7. li enrole.ear ?<Qj+S
{WAS_HOME}/AppServer/config/cells/servername/applications
{WAS_HOME}\AppServer\config\cells\servername\applications }%#
8. }% {WAS_HOME}/AppServer/logs PD itim.log#
132 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
":Z:/73P,;)S xg?p\mw53}% Tivoli Identity Manager,Tivoli
Identity Manager T:/+;YIC#(}q-TOyPDV/6X&CLrD8>
E",zITS%v:/I1P}% Tivoli Identity Manager#
=< G. 6X Tivoli Identity Manager 133
134 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
=< H. yw
>E"G*Z@za)Dz7M~q`4D#IBM I\Zd|zRrXx;a)>D5
PV[Dz7"~qr&\XT#PXz10yZxrDz7M~qDE",krz
1XD IBM zmI/#NNT IBM z7"Lrr~qD}C"GbZw>r5>;
\9C IBM Dz7"Lrr~q#;*;V8 IBM D*6z(,NN,H&\Dz
7"Lrr~q,<ITzf IBM z7"Lrr~q#+G,@@Mi$NNG IBM
z7"Lrr~q,rIC'TP:p#
IBM +>I\Q5Pr}Zjkk>D5Z]PXDwn({#a)>D5"4ZhC
'9Cb)({DNNmI$#zITCif==+mI$i/Dy:
IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.
PX+VZ(DBCS)E"DmI$i/,kkzyZzRrXxD IBM *6z(?E
*5,rCif==+i/Dy:
IBM World Trade Asia CorporationLicensing2-31 Roppongi 3-chome, Minato-kuTokyo 106-0032, Japan
>un;JC"zrNNbyDunk1X(I;;BDzRrXx:zJL5zw
+>T04V41Dy!a)>vfo,;=PNNN=D(^[Gw>D,9G,
>D)#$,|((+;^Z)TGV(T"JzTMJCZ3X(C>D,>#
$#3)zRrXxZ3);WP;Jmb}w>r,>D#$#rK>unI\;
JCZz#
>E"PI\|,<u=f;;<7DX=r!"ms#K&DE"+(Z|D;b
)|D+`k>vfoDBf>P#IBM ITf1T>vfoPhvDz7M/rLr
xPDxM/r|D,x;mP(*#
>E"PTG IBM Web >cDNN}C<;G*K=cp{Ea)D,;TNN==
d1TG) Web >cD#$#C Web >cPDJO;G IBM z7JOD;?V,
9CG) Web >cx4DgU+IzTPP##
IBM IT4|O*J1DNN==9CrV"zya)DNNE"x^kTzP#NN
pN#
>LrD;mI=g{*KbPXLrDE"To=gB?D:(i)JmZ@"4(
DLrMd|Lr(|(>Lr).dxPE";;,T0(ii)JmTQ-;;DE
"xP`%9C,kkBPX7*5:
IBM Corporation2ZA4/10111400 Burnet Road
© Copyright IBM Corp. 2003 135
Austin, TX 78758U.S.A.
;*qXJ1Du~Mun,|(3)iNBD;(}?D6Q,<IqCb=fD
E"#
>JOPhvDmILr0dyPICDmIJOyI IBM @] IBM M'-i"IBM
zJLrmI$-irNN,H-iPDuna)#
K&|,DNNT\}]<GZ\X73PbCD#rK,Zd|Yw73PqCD
}]I\aPwTD;,#P)b?I\GZ*"6D53OxPD,rK;#$k
;cIC53OxPDb?a{`,#Kb,P)b?G(}Fcx@FD,5Ja
{I\aPnl#>D5DC'&1i$dX(73DJC}]#
f0G IBM z7DE"ISb)z7D)&L"dvf5wrd|I+*qCDJO
Pq!# IBM ;PTb)z7xPbT,2^(7OdT\D+7T"f]TrNN
d|XZG IBM z7Dyw#PXG IBM z7T\DJb&1rb)z7D)&L
av#
Lj
TBuoGzJL5zw+>Z@zM/rd|zRrXxDLjr"aLj:
AIX
DB2
IBM
IBM Uj
SecureWay
Tivoli
Tivoli Uj
Universal Database
WebSphere
Lotus G Lotus Development Corporation M/r IBM +>D"aLj#
Domino GzJL5zw+>M Lotus Development Corporation Z@zM/rd|zR
rXxDLj#
Microsoft"Windows"Windows NT M Windows UjG Microsoft Corporation Z@z
M/rd|zRrXxDLj#
UNIX G The Open Group Z@zMd|zRrXxD"aLj#
Java™ 0yPyZ Java DLjMUjG Sun Microsystems,
Inc. Z@zMd|zRrXxDLjr"aLj#
d|+>"z7M~q{FI\Gd|+>DLjr~qjG#
136 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Jcm
2A3
2+WSVc(secure socket layer,SSL): CZ(}
rXx+d=KD5D-i#SSL D$w-mG9C(C
\?S\(} SSL ,S+dD}]#
2B3
;ksTs(requestee): ksa;ykTDK1#
p{(alias): C'm],(#F*C'j6#C'IT
PtIp{,}g:GSmith M GWSmith#
"C8n(join directive): (e1=vr`v)&_T
"ze;1gN&mtTD;ifr#
;JmDYw(disallowed action): ;iCZ-wDN
},(eZ3K;;JmT!(~q5PJ',+ Tivoli
Identity Manager ~qw"VKbyDJ'1*I!DY
w#KN}vZ0li_T14!r!P1P'#
2C3
Nk_(participant): Zm]\mP,P(l&(}$
ww}fa;DksDK1#Nk_I;j6*ve"G
+r(}9C(F JavaScript E>(e#
Yw(f(operation report): 4Yw`M"UZ"Y
wks_MYwksTsPv Tivoli Identity Manager Yw
ksD(f#
_T5)(policy enforcement): Tivoli Identity
Manager 53'Vr;'V%4)&_TDJ'D==#
_T(policy): Z Tivoli P,&CZ\\J4D;if
r#}g,_TI&CZ\krC'T<CJDJ4#
i/(query): ^F-wT5XO!ViD==#
2D3
}&mPm(to do list): QVdxC'*sjID;i
Ywn#
zm(delegate): ;8(*:pTd{C'z<ksr
a)ksE"Dve#
gSmq(electronic form): gSmqw*#eCT(
e;ksDCJDwvN}#
2F3
6'(scope): _T\0lD6'#
(#,6'(e*%vwrSw#16'(e*%vw
1,_Tv0l|(eyZ,;V'PD5e#16'(
e*Sw1,_T0l|(eyZDV'0dp4V'S
tDyPd|V'#
CJXFE"(access control information,ACI): j
6irweCJ(D}]#km{CJXF(access
control)#
CJ(access): 9Cf"ZFcz53ODE"r}]
DX(#
Gn/J'(inactive account): Z53PfZ+J'
yP_4Z9CDJ'#
V'(branch): i/wZD?;cyF*V'#wP?
V`MDV'I;,D<jm>#(}%wV'T_DS
E(+)Ii4xPSV'DV'Z]#
~q!q_T(service selection policy): 7(Z)&
_TP9CDV~qD JavaScript }Kw#
~q(service): ~qwr`Xm~P4Pw*&\DL
r#
4-(restore): XB$n]RDJ'#
2G3
vKE"(personal information): C'DvKE"#
b)E"I|(U"{"R%X7"g0Ek"gSJ~
X7"l+Rg0Ek"w\KU{H#
2mX\(shared secret): CZlwC'u<\kTc
CJ Tivoli Identity Manager 53DS\5#C5ZC'D
vKE"nu0k=531(e#
)&_T(provisioning policy): (eCJwV`MD
\\~q(ng Tivoli Identity Manager rYw53)D_
T#CJ(HIZhyPK,2IyZK1Di/G+4
Zh#CJ2IXpZ(xGNNi/G+I1DK1#
)&(provision): Zi/PhCM,$T53DC'C
J#
$ww(workflow): 4s55qwL4PDn/rP#
© Copyright IBM Corp. 2003 137
B_L(B_LJ')(orphan,orphan accounts):
Z Tivoli Identity Manager 53P;\7(dJ'yP_D
6LJ4ODJ'#
X|V(keyword): ZQw1j6_TDw}u?#
\mr(admin domain): Tivoli Identity Manager 5
3Pi/DVx,|,dTmD_T"~qM ACI H#?
v\mr<ITP\m1,+K\m1;\\mri4d
|\mrD_T"~qM ACI#
2H3
n/J'(active account): QfZR}IyP_CZ
CJJ4DJ'#
2J3
2,i/G+(static organizational role): ;\V/
VdDi/G+#
\x(f(rejected report): 4UZ"ksYw_Mk
sYwTsPv;\xksD(f#
2K3
X~`M(control type): zmC'gfOVN`MD
Java `M`D5}#
2M3
\k_T(password policy): (eyP\kXkzc
DN}/(ng$H"JmM;JmDV{`M)Df
r#
\kP'Z^(password expiration period): ZC'
;?F|D\k0\kI9CD1d#
\k(password): ZFczMxg2+TP,IC'd
kR;53O$DX(V{.,|JmC'qCT53T
0f"ZdPDE"DCJ(#
?<~qjGoT(Directory Services MarkupLanguage,DSML): ;V XML 5V,*Z;,D?
<53PhvM2m?<~qE"a)(Cq=#
2P3
>$(credential): C'DC'j6M\kE",I(}
9C|G4CJJ'#
2Q3
){(^(signature authority): z<r\xa;=$
ww}fDksD(^#1C'rC'iZ$wwhFP
8(*Nk_r}6Nk_1,Zh{G){(^#
ksK(requestor): a;ksDK1#
ks(request): Tivoli Identity Manager 53Pksz
<rE"DYwn#
2R3
O$PD(Certificate Authority,CA): )"$iDi
/#O$PDxp$iyP_Dm]0yP_;Z(9C
D~q")"BD$i"x)VP$i"7z;Y;Zh
9C(DC'ytD$i#
O$(authentication): j6veD}L((#yZC
'{M\k)#Z2+T53P,O$kZ(G;,D,
Z(GyZveDm]Zh{GCJ53TsD}L#O
$v7#veG{r}yywDGy,+TveDCJ(
;wNN5w#
2S3
m]_T(identity policy): Tivoli Identity Manager 5
3(egN4(C'j6Dfr#
sFzY(audit trail): x(1dNZFcz53BqD
G<#
}6Nk_(escalation participant): Zm]\mP,
P(TNk_Z8(}61dZ;Pl&Dkswvl&
DK1#}6Nk_I;j6*ve"G+r(}9C(
F JavaScript E>j6#
}61^(eacalation limit): Nk_XkZ}6"z0
l&ksD1d(Tl}"!1"VVrk*%;)#
5e(entity): 1)PXE";f"DK1rTs#
2)TBwV`PD;V,Tivoli Identity Manager 53P+
}CTBw`:
v Person
v BPPerson
v Organization
v BPOrganization
Z(yP_(authorization owner): IZdytDi/
%*OBDP(eCJXFE"(ACI)DC'i#
138 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Z((authorization): ZFcz2+TP,(^;Zh
C',9CC'kFcz53xP(Er9CFcz5
3#Z(GZhC'TTs"J4r&\j+r\^FD
CJ(D}L#
s`}Fcz2+T53GyZ==jID}L#Z;W
NGO$,7#C'G{r}yywDGy#Z~WNG
Z(,y]C'Dm]JmC'CJwVJ4#
Z((entitlement): 2+\mPD}]a9"~qrz
m_TE"D;itT#
tT5)(attribute enforcement): 53\m1(eJ
'yhtT0G)tTDP'5D}L#
}V$i(digital certificate): CZ2+T?DDgS
{"=~#
yP_(owner): Z Tivoli Identity Manager 53P5
PJ'r~qDK1#
2T3
aJ&p(challenge response): 1C'G<xg1*
sC'(}a)vKE"X&a>Ti$dm]DO$=
(#
2W3
4vks(pending requests): Qa;=53+P4j
IDks#
;C(location): ImS=i/PD;V=t5e#(
#,*Ki/\m?D4_-==VtXm;C1aC=
;C#
2X3
53\m1(system administrator): ICJ53Py
PxrDve#
Z Tivoli Identity Manager 53Pa)K$dCD ITIM
i#K ITIM ihF*IZhI1nsD53CJ(#\m
1 ITIM iDI1C'ICJyP53&\M}]#
zJ(de-provision): }%~qri~#}g,z%J
'b6ESJ4P>}J'#
-w(f(reconciliation report): PvTns;N4
P-wpR=DB_LJ'D(f#
-w(reconciliation): HOPk}]bk\\zm53
DE"0j6=_dnlD}L#
E"ks(request for information,RFI): Zm]\
mP,S8(Nk_ks=SE"DYwn,bG$ww
PDXh=h#
2Y3
5q%;(business unit): i/D=t5e#
5qoiI1(business partner person): 5qoi
i/PDI1#
5qoii/(business partner organization): I
mS=i/PD;V=t5e#(#,5qoii/C4
j6P|L")&Lrd|G1SM1+I\h*CJ+
>J4DveDi/#
QjIDks(completed requests): Qa;=53R
jIDks#
C'(f(user report): 4UZ"Ywks_kYwk
sTsPvyP Tivoli Identity Manager YwD(f#
C'gf(user interface,UI): C'k53;%9C
DT>gf
C'`(u s e r c l a s s ): ;V L D A P `,ng
inetorgperson r BPPerson#
C'{(user name): C'CZCJ53Dj6#Kj
6,12r53j6C',"Jm53y]wV;,i/
G+M ITIM iPDC'I1Jq7(C'DCJ(#
C'(user): k53;%DNNK#
r\m1(domain administrator): I(ek\mRv
ZdT:D\mrP(ek\m)&5e"_T"~q"
$ww(e"G+0d\mrZC'D\m1#
<x(constraint): TN}r_TD^F#
2Z3
]R(suspend): !{$nJ'9CJ'yP_;\G
<=J4DYw#
J'(f(account report): PvwK1"dX*J'
T0J'GqqS10_THE"D(f#
J'(account): (eC'G<E"MCJXFE"D
;iN}#
Pk}]b(central data repository): CZG<Mf
"C'}]0yPQ"aC'DCJX(}](|(Bq
M,$G<)D}]b#
Jcm 139
w\K(supervisor): Z Tivoli Identity Manager 53
P8(*5q%*yP_DK1#
J4)&\m( R P M , r e s o u r c e p r o v i s i o n i n gmanagement): iOK}vX|*X - 5q_-"$
ww\mMV<zmLrD\m-m,b}v*XaOZ
;pTC'CJE"k5qJ4a)/P)&\m#
J4(resource): Tivoli m~\mD2~"m~M}]
5e#km{\\J4(managed resource)#
SxL(subprocess): w*m;$wwhFD;?V*
<D$wwhF#
i/%*(organizational unit): i/Z(eDCZ+
i/8V*|P{Z\mDiDC'MJ4we#C';
j+Vd=;vi/%*#J42j+;Vd=;vi/
%*,}G|GTZi/(e*+VJ4#
i/G+(organizational role): Zm]\mP,C4
7(Z(CJwV\\J4D_TI1JqDtT#
i/w(organization tree): i/DcNa9,a)4
("CJMf"i/E"D_-;C#
i/(organization): Zm]\mP,`1@"DC'
MJ4we#d;i/.dDJ42mGI\D,+Gi
/.dD/I6p`TOM#(#,;vi/zm;v+
>#
A
ACI ?j(ACI target): \ ACI XFD;i5e#
ACI 4(ACI origin): i/wP ACI 4(yZDV'#
D
DSML m])x(DSML identity feed): Tivoli Identity
Manager D}V1!~q`M.;#
DSML m])x~qSK&J4}]brD~<kC'}
]"r Tivoli Identity Manager ?<)xb)E"#K~q
IT4TB=V==PD;VSUE":-wr4-ks
D(*#
H
HR )x(HR feed): Tivoli Identity Manager 53S
K&J4}]brD~<kC'}]DT/}L#kND
DSML m])x(DSML identity feed)#
I
ITIM i(ITIM group): Tivoli Identity Manager ~qw
ZDC'i#
I'F ITIM i9(53CJM\m#;x,XkH*vK
)& ITIM J'E\+CC'Vdx ITIM i#;) ITIM
J')&x3K,KKMG ITIM C'K"\Sk= ITIM
iP#
T
Tivoli Identity Manager zmLr(Tivoli IdentityManager Agent): Z?j\\53M Tivoli Identity
Manager ~qwdDG\SZ#|d1IEDib\m1,
"RG*;C'ksT0a)wV?j532+CJdC
DX|i~#
Tivoli Identity Manager ~qw(Tivoli IdentityManager Server): hFCZ?pyZ_TD)&bv=
8Dm~M~q|#
140 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
w}
[A]20
XBt/:/ 88
U>
%;~qw 56
:/ 87
3r
%;~qw 38
d|dC 46, 78
:/ 68
!q}]b 41, 71
IBM HTTP Server 106
Oracle
AIX 17
Solaris 19
Windows 20
Tivoli Identity Manager ~qw
%;~qw 31
wL<,%;~qw 37
wL<,:/ 67
:/ 61
T/D 31
WebSphere Application Server xg?p 105
WebSphere Application Server Base 107
20?<
IBM HTTP Server VN 37
WebSphere Application Server VN 36
WebSphere Application Server Base VN 66
[B]X8m~
4(
:/ 63
%;~qw
\m(^ 32, 62
?<~qw 31
}]b 31
*r* WebSphere +V2+Tp? 32
~qw
IBM HTTP Server 101
WebSphere Application Server xg?p 101
WebSphere Application Server Base 101
$wm
%;~qw 33
:/ 62, 64
lb
IBM HTTP Server 31
WebSphere 6k={"+]'V 31
WebSphere Application Server 31
X8m~ (x)
:/
ZczmLr 61
?<~qw 61
}]b 61
xg?p\mw 61
HTTP a0VCT 88
JMS ~qw 61
WebSphere Application Server Base 61
D5 v
T/20,%;~qw 31
w* root D(^ 62
IBM HTTP Server
T/20,%;~qw 31
root C' 62
WebSphere 6k={"+]'V
T/20,%;~qw 31
WebSphere Application Server Base
T/20,%;~qw 31
`F IBM DB2 }]bD?< 15
[C]Yw53
\'VD AIX 6p 99
\'VD Solaris 6p 99
c
$ww(WF) 6, 63
C'gf(UI) 6, 63
w*&\S/D(e 6
vfo
X8m~ v
(z!n vii
9CD<( vii
`X vi
Z_CJ vi
IBM DB2 vi
IBM Directory Server vi
IBM HTTP Server vi
Oracle vi
Sun ONE Directory Server vi
Tivoli Identity Manager v
Web zm~qw vi
WebSphere 6k={"+]'V vi
WebSphere Application Server vi
u<]?,}]bXVN 34, 65
VeD> vii
[D]%Zc,J2EE 2+TdC 111
© Copyright IBM Corp. 2003 141
%;~qw
20
d|dC 46
U> 56
3r 38
Tivoli Identity Manager ~qw 31
20wL< 37
X8m~
\m(^ 32, 62
?<~qw 31
}]b 31
*r* WebSphere +V2+Tp? 32
$wm 33
dC
20 31
WebSphere Application Server 4
%;:/dC
20 68
WebSphere Application Server 6
%*
mSZc 108
WebSphere Application Server 3
G<S1k},}]bXVN 34, 65
HmVMD> vii
KZ
e;,bv 27
?<~qwVN 35, 65
2809 27
8880 27
9043 27
9080 27
9090 27, 36
9090,bvk wsmserver De; 104
9091 36
9443 27
Bootstrap/rmi 27
SOAP ,Sw 28
WebSphere Application Server VN 36
KZE,}]bVN 34, 65
`Zc,J2EE 2+TdC 114, 115
[F]~qw
X8m~
IBM HTTP Server 101
WebSphere Application Server xg?p 101
WebSphere Application Server Base 101
V/20,:/ 103
T/20,%;~qw 31
~qw{F,WebSphere Application Server VN 36
(z!n,D5 vii
[G]&\:/dC
4c|{:/(UI,WF) 6, 63
WebSphere Application Server 7
$wm
%;~qw 33
:/ 64
$wwc,Tivoli Identity Manager 6
$w>wz{,WebSphere Application Server VN 36
\m(^,7#20.0 32, 62
\m1j6,}]bVN 34, 64
\m1\k,}]bVN 34, 64
[H]:eX,* IBM DB2 4( 13
:eX,IBM DB2 12
[J]S\
\? 45, 77
WebSphere Application Server 36, 66
lbX8m~
IBM HTTP Server 31
WebSphere 6k={"+]'V 31
WebSphere Application Server 31
Zc
mS=%* 108
WebSphere Application Server 3
ZczmLr
7#t/"KP 109
WebSphere Application Server 3
Zc{,WebSphere Application Server VN 36
{C,J2EE 2+TdC 116
[L]*5'V vii
wL<
%;~qw20 37
:/20 67
[M]\k
?<~qwVN 35, 66
0secret1w*20sDu<5 37, 67
Tivoli Identity Manager VN 37, 67
|n
adduser 103
chuser 103
db2 catalog 15
db2 connect 13
142 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
|n (x)
db2 create 12
db2 create bufferpool 13
db2 force application all 13
db2 update 12
db2set 11
db2start 13
db2stop 13
mkgroup 103
mkuser 103
usejdbc2 16
?<~qw
dC,u< 47, 79
VN
KZ 35, 65
\k 35, 66
1!i/L{F 35, 65
"Pf"x}? 35, 65
v?F} 36, 66
wz{ 35, 65
we DN 35, 66
i/{F 35, 65
nuDXs! 35, 66
nsXs! 35, 66
Identity Manager DN ;C 35, 65
[N]Zf;;ms,9C applheapsz 17
ZK5,Solaris 100
[P]dC
Ev 3
f. 3
?<~qw 47, 79
}]b 46, 78
IBM DB2 11
uo 3
IBM DB2
~qw 12
:eX 12
Z~qwO4(C' 13
Z:/FczO4(C' 14
applheapsz 17
JDBC }/Lr 14
IBM Directory Server
}Cj{T 24
V4.1 24
Oracle 20
Sun ONE Directory Server 28
Tivoli Identity Manager
02+T1!n( 54, 85
0#f1!n( 48, 80
dC (x)
Tivoli Identity Manager (x)
0?<1!n( 49, 81
0U>G<1!n( 51, 83
0}]b1!n( 50, 82
0J~1!n( 52, 84
UI !n( 53, 85
WebSphere Application Server
%;~qw 4
%;:/ 6
&\:/ 7
9C Tivoli Identity Manager 9
[Q]+V2+T
dC 111
Z20.07(4, 32
itimadmin 113
wasadmin 113
WebSphere Application Server
hC 36, 43, 66, 75
53C'VN 36, 67
EJB C'VN 37, 67
1!i/L{F,?<~qwVN 35, 65
7#KPxL
9C runConfig(53dC) 56, 87
:/
20
d|dC 78
U> 87
3r 68
3r*s 61
Z....sXBt/ 88
Tivoli Identity Manager ~qw 61
20wL< 67
X8m~
ZczmLr 61
?<~qw 61
}]b 61
xg?p\mw 61
HTTP a0VCT 88
JMS ~qw 61
WebSphere +V2+T 111
WebSphere Application Server Base 61
I1
d|dC 78
nd:/ 63
xg?p\mw.sD203r 68
WebSphere Application Server 4
4(
Z20 Tivoli Identity Manager .0 63
$wm 64
Z xg?p\mw\mXF(O4( 109
WebSphere Application Server 3
:/{F,WebSphere Application Server VN 66
w} 143
[R]O$PD
~qwkzmLrD(E 58, 90
\'VD$i`M 58, 90
U>
%;~qw20 56
:/20 87
U>G<6p 37, 66, 67
[S]"Pf"x}?,?<~qwVN 35, 65
}6
%;~qwdC 124
dC 121
:/dC 125
}60 119, 123
IBM HTTP Server 125
Tivoli Identity Manager 119, 123
}]b
dC
u<D 46, 78
IBM DB2 11
Z20}LP!q 41, 71
VN
KZE 34, 65
\m1j6 34, 64
\m1\k 34, 64
}]b`M 34, 64
}]b{F 34, 64
}]bC' 34, 64
C'\k 34, 64
IP X7 34, 64
}]bX
u<]? 34, 65
G<S1k} 34, 65
ns]? 34, 65
}]bM'z,JDBC }/Lr 14
}]b`M,}]bVN 34, 64
}]b{F,}]bVN 34, 64
}]bC',}]bVN 34, 64
uo
%* 3
$ww(WF) 6
Zc 3
ZczmLr 3
:/ 3
:/I1 4
xg?p\mw 3
&CLr~qw 3
C'gf(UI) 6
jmsserver 9
WebSphere 6k={"+]'V 9
WebSphere Application Server 3
WebSphere Web ~qwe~ 4
3r
20,%;~qw 38
20,:/ 68
d|dC 46, 78
*s,:/20 61
[W]xg?p\mw
7#t/"KP 109
WebSphere Application Server 3
D5
(z!n vii
`X v, vi
Z_CJ vi
IBM DB2 vi
IBM Directory Server vi
IBM HTTP Server vi
Oracle vi
Sun ONE Directory Server vi
Web zm~qw vi
WebSphere 6k={"+]'V vi
WebSphere Application Server vi
D~mI(,libdelref 24
[X]53C'VN,WebSphere Application Server 36, 67
^F
,`Yw53 9
UI,,;FczOD WF :/I1 9
WebSphere 6k={"+]'V 104
WebSphere Application Server D`v5},,;Fcz 9
`XD5 v, vi
1eD> viii
6X
Tivoli Identity Manager 131
#f WebSphere PDdCE" 131
=h 132
?<~qw#= 131
d|z7 131
}]bm 131
hs
IBM HTTP Server 101
WebSphere Application Server Base 101
!n(
2+T 54, 56, 85, 87
#f 48, 80
?< 49, 81
U>G< 51, 83
}]b 50, 82
J~ 52, 84
UI 53, 85
144 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
[Y]*s
/@w,v Windows 102
AIX 99
CA $i 58, 90
IBM DB2 100
IBM Directory Server 101
Microsoft SQL Server 100
Oracle 100
Solaris 99
Sun ONE Directory Server 101
WebSphere Application Server xg?p 101
}Cj{T
IBM Directory Server 24
libdelref D~mI( 24
timdelref.conf 25
&CLr~qw,WebSphere Application Server 3
C' v
C'j6,Tivoli Identity Manager VN 37, 67
C'gfc,Tivoli Identity Manager 6
C'\k,}]bVN 34, 64
J~~qw{F 37, 66, 67
<(,vfoP vii
[Z]v?F},?<~qwVN 36, 66
'V,*5 vii
wz{,?<~qwVN 35, 65
we DN,?<~qwVN 35, 66
T/D,20%;~qwX8m~ 31
i/{F,?<~qwVN 35, 65
nuDXs!,?<~qwVN 35, 66
nsXs!,?<~qwVN 35, 66
ns]?,}]bXVN 34, 65
[XpV{]02+T1!n( 54, 85
0#f1!n( 48, 80
0?<1!n( 49, 81
0U>G<1!n( 51, 83
0}]b1!n( 50, 82
0J~1!n( 52, 84
0secret1w* Tivoli Identity Manager 20sDu<\k#
37, 67
[}V]2809
KZ 27
D~;C 27
8880
KZ 27
8880 (x)
D~;C 28
9043
KZ 27
9080
KZ 27
9090
KZ 27, 36
k wsmserver DKZe;,bv 104
9091
KZ 36
9443
KZ 27
Aadduser,|n 103
AIX,\'V6p 99
applheapsz
Zf;;ms,|} 17
>},|B itimdb 12
BBootstrap/rmi KZ 27
CCA $i
*s 58, 90
${ITIM_HOME}/cert ?< 58, 90
CD 93
chuser,|n 103
Ddb2 catalog,|n 15
db2 connect,|n 13
db2 create bufferpool,|n 13
db2 create,|n 12
db2 force application all,|n 13
db2 update,|n 12
db2InstanceHome, IBM DB2 15, 31, 61
db2InstanceName, IBM DB2 12
db2set,|n 11
db2start,|n 13
db2stop,|n 13
EEJB C'VN,WebSphere Application Server 37, 67
enrole
1!C'j6,}]b 51, 83
w} 145
enrole (x)
C'
Z:/FczO4( 14
Z IBM DB2 ~qwO4( 13
HHTTP ~qw
dCb?%* 117
HTTP a0VCT,kT:/ 88
IIBM DB2
|n
catalog 15
db2 connect 13
db2 create 12
db2 create bufferpool 13
db2 force application all 13
db2 update 12
db2set 11
db2start 13
db2stop 13
usejdbc2 16
Zf;;ms,9C applheapsz 17
dC 11
~qw 12
:eX 12
Z~qwO4(C' 13
Z:/FczO4(C' 14
applheapsz 17
JDBC }/Lr 14
TCP/IP (E 11
9C WebSphere Application Server 100
db2InstanceHome 15, 31, 61
db2InstanceName 12
IBM DB2 D5 vi
IBM Directory Server
dC
}Cj{T 24
k WebSphere – Express DKZe; 27
V4.1 24
D5 vi
IBM HTTP Server
20 106
20?<,VN 37
20 Tivoli Identity Manager 0xPlb 31
X8m~ 101
}6 125
D5 vi
T/20,%;~qw 31
HTTP a0VCT 88
Identity Manager DN ;C,?<~qwVN 35, 65
IP X7,}]bVN 34, 64
itimadmin
C' 37, 114
C'j6,WebSphere Application Server 67
EJB C' 111, 112, 113
JJ2EE 2+T
{C 116
dC
%Zc 111
`Zc 114, 115
V/=h 56, 87
JDBC
,S},}]bXDns]? 34, 65
w* IBM DB2 }]bM'zD}/Lr 14
JDK,f WebSphere Application Server ;pV" 102
JMS ~qw
WebSphere 6k={"+]'V 9
Llibdelref
I&{" 26
D~mI( 24
}Cj{T 24
MMicrosoft SQL Server
9C WebSphere Application Server 100
mkgroup,|n 103
mkuser,|n 103
mqbrkrs
i,Z AIX O8( 103
i,Z Solaris O8( 104
mqm
C',Z AIX O8( 103
C',Z Solaris O8( 104
i,Z AIX O8( 103
i,Z Solaris O8( 104
mqver 5CLr,WebSphere MQ 104
OOracle
20
AIX 17
Solaris 19
Windows 20
dC 20
9C WebSphere Application Server 100
Oracle D5 vi
146 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
Rroot
(^ 62
C' 62
C',mS= AIX ODi mqm"mqbrkrs 103
C',Z Solaris OmS=i mqm"mqbrkrs 104
runConfig,CZ53dC 56, 87
SSOAP ,SwKZ 28
Solaris
\'VD6p 99
Tivoli Identity Manager ZK5 100
Sun ONE Directory Server
dC 28
9C IBM Directory Server 101
9C WebSphere Application Server 101
D5 vi
TTCP/IP dC,IBM DB2 11
timdelref.conf 25
Tivoli Identity Manager
dC
9C WebSphere Application Server D^F 9
02+T1!n( 54, 85
0#f1!n( 48, 80
0?<1!n( 49, 81
0U>G<1!n( 51, 83
0}]b1!n( 50, 82
0J~1!n( 52, 84
UI !n( 53, 85
uo
$ww(WF) 6
C'gf(UI) 6
6X 131
#f WebSphere PDdCE" 131
=h 132
?<~qw#= 131
d|z7 131
}]bm 131
VN
\k 37, 67
C'j6 37, 67
Tivoli Identity Manager ~qw
20
%;~qw 31
wL<,%;~qw 37
wL<,:/ 67
:/ 61
T/D 31
bT(E 57, 89
CA $i 58, 90
UUI !n( 53, 85
usejdbc2,|n 16
Wwasadmin
53C' 111, 113
C' 114
C'j6,WebSphere Application Server 36
wasadmin C'j6,WebSphere Application Server 67
Web zm~qw
D5 vi
web /@w,vZ Windows O\'V 102
WebSphere 6k={"+]'V
20 Tivoli Identity Manager 0xPlb 31
M WebSphere MQ 9
D5 vi
$HfZD WebSphere MQ 104
8(C'Mi,Z AIX O 103
8(C'Mi,Z Solaris O 104
T/20,%;~qw 31
w*xL 9
WebSphere Application Server
20 Tivoli Identity Manager 0xPlb 31
X8m~
\'VD JDK 102
S\ 36, 66
dC
%;~qw 4
%;:/ 6
&\:/ 7
9C Tivoli Identity Manager D^F 9
k WebSphere – Express DKZe; 27
+V2+T
hC 36, 43, 66, 75
53C'VN 36, 67
EJB C'VN 37, 67
itimadmin 113
wasadmin 113
uo
%* 3
Zc 3
ZczmLr 3
:/ 3
:/I1 4
xg?p\mw 3
&CLr~qw 3
jmsserver 9
WebSphere 6k={"+]'V 9
WebSphere Web ~qwe~ 4
VN
20?< 36, 66
KZ 36
~qw{F 36
w} 147
WebSphere Application Server (x)
VN (x)
$w>Dwz{ 36
Zc{ 36
:/{F 66
U>G<6p 37, 66, 67
J~~qw{F 37, 66, 67
IBM DB2 D\'V6p 100
IBM Directory Server D\'V6p 101
Microsoft SQL Server D\'V6p 100
Oracle D\'V6p 100
Sun ONE Directory Server D\'V6p 101
WebSphere Application Server xg?p
20 105
X8m~ 101
WebSphere Application Server D5 vi
WebSphere Application Server Base
20 107
X8m~ 101
V/20,:/ 109
T/20,%;~qw 31
WebSphere MQ
XhD&\?~ 104
M WebSphere 6k={"+]'V 9
h* CSD |B 104
mqvr 5CLr 104
{ITIM_HOME} 113
{ITIM_HOME}/cert ?<,kT CA $i 58, 90
{WAS_HOME} 112
148 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D UNIX)
���
LrE: 5724–C34
Pz!"
S152-0643-00