Set the parameters for the SiteMinder Policy Server installation.
You need the following information to complete the SiteMinder Policy Server parameters.
Follow these steps:
Leave as the default, VMWare
Database user with DBA privileges for Oracle and Postgres. The default is caadmin. For an upgrade on Oracle, _oracle_schema_user is used if db_schema_user is not set.
Password for user defined by db_schema_user. If this property is blank on an upgrade from Oracle, _Oracle_schema_password is used.
An Oracle database user with DBA and Connect privileges. This property remains for backwards compatibility with CA CloudMinder 1.5. If it is set and db_schema_user is not set, db_schema_user uses this value.
For upgrade, you can leave this unchanged or set it to the value used for _db_schema_user.
The password for the oracle_schema_user. This property remains for backwards compatibility with CA CloudMinder 1.5. If it is set and db_schema_password is not set, db_schema_password uses this value.
For upgrade, you can leave this unchanged or set it to the value used for _db_schema_password.
Hostname of Oracle and Postgres database server. For an Oracle RAC setup, use the RAC host name.
For Oracle, the SID or Service name (use the Service name for an Oracle RAC setup); for PostgreSQL, the default database name..
For Oracle,enter the path to the tablespace file as follows:
<path_to_PS_tablespace_file>/<name_of_PS_tablespace_file.dbf>
This property is not used for PostgreSQL. Make a note of this value so you can use it later during the installation process.
For Oracle, the size of the table space for the SiteMinder Policy Server database. We recommend an initial size of 1000MB. This property is not used for PostgreSQL.
For a high-availability deployment, enter the host name where you plan to install the second SiteMinder Policy Server.
Note: If you have three or more instances of SiteMinder Policy Server, separate the entries with commas. For example: PolicyServer2, PolicyServer3. Do not include the host name on which you are currently installing.
In a single-instance deployment, leave this parameter blank.
A user name for the Oracle or PostgreSQL database user for the Policy Server database. Create any user name.
Make a note of this user name so you can use it later during the installation process.
A password for the Oracle or PostgreSQL database user for the SiteMinder Policy Server database. Create any password.
Make a note of this password so you can use it later during the installation process.
Table space name for the Policy Server database. Create any table space name.
Make a note of this name so you can use it later during the installation process. This property is not used for PostgreSQL.
A user name for the Advanced Authentication Oracle or PostgreSQL database. Create any user name.
Make a note of this user name so you can use it later during the installation process. Use the same value for _im_webfort_user when you install the Identity Management Server.
A password for the aa_db_user. Create any password.
Make a note of this password so you can use it later during the installation process. Use the same value for _im_webfort_password when you install the Identity Management Server.
Enter a name for the Oracle tablespace file for the Advanced Authentication database, in one of the following formats. This property is not used for PostgreSQL.
<name_of_AA_tablespace_file>
<path_to_AA_tablespace_file>/<name_of_AA_tablespace_file.dbf>
The size of the file for the table space for the Advanced Authentication database. We recommend an initial size of 1000MB. This property is not used for PostgreSQL.
The name of the Advanced Authentication table space.This property is not used for PostgreSQL.
The name of a user who starts the Advanced Authentication Tomcat service. Leave as the default, root.
An encryption key for the Policy Server. Enter any string for the encryption key.
Note: This key is used in encryption processes by the SiteMinder policy server. Choose a string that fulfills typical password best practices.
A password for the default SiteMinder user. Create any password.
Make a note of this password so you can use it later during the installation process. Use the same value for _generic_password when you install the Identity Management Server.
Leave as the default, 10.
Enter the path on your local system or in a file share to the license.dat file for your SiteMinder Policy Server. Enter the path in the following format:
<path_to_license.dat_file>/license.dat
User name for Web Services. Leave as the default, dsaweb.
Enter the same password you entered for _dir_webservices_password in the properties file for the first CA Directory instance.
Set to false if you are installing a SiteMinder Policy Server.
Note: This parameter allows you to install a CSP Console through this installer. Set this to False to prevent a CSP Console from installing.
Important! Set this to true only once for your entire deployment. You only need one CSP Console instance, even in a high-availability deployment.
We recommend that you install a CSP console on a system separate from your SiteMinder Policy Server.
Set to false if you are installing a SiteMinder Policy Server.
Note: This parameter allows you to install a CSP DSA through this installer. Set this to False to prevent a CSP Console from installing.
Important! Set this to true only once for your entire deployment. You only need one CSP DSA instance, even in a high-availability deployment.
We recommend that you install a CSP DSA on the same system on which you install the CSP Console. Install the CSP Console and CSP DSA on a system separate from your SiteMinder Policy Server.
Port used by Web Services. Leave as the default, 9080, unless you cannot use this port in your environment. If you must change the web services port, enter a new port number.
Note: If you must change the web services port, use the same port for web services on all servers.
User name for Web Services. Leave as the default, dsaweb.
Enter the same password you entered for _dir_webservices_password in the properties file for the first CA Directory instance.
Leave as the default, cacsp.
Enter the host name of the system where you plan to install the CSP DSA.
Port used for CSP DSA. Leave as the default, 50000, unless you cannot use this port in your environment. If you must change the web services port, enter a new port number.
Note: If you must change the CSP DSA port, use the same port for the CSP DSA on all SiteMinder Policy Servers.
The administrator password for the default user cspadmin in the CSP DSA. Create any password.
Make a note of this password for future use.
Note: The installation automatically creates the cspadmin user name. You choose the password to apply to this account.
Leave as the default, cspwebservice.
Leave as the default. Internal use, do not change.
Required. The ODBC data source name. Enter any name for the data source.
Required. Enter the URL for Tenant Web Sevices, using the following format:
http://<internal_host:internal_tomcat_port>/tenant-services/cm/tenantws
Required. Enter the base URL for the Identity Management Server, using the following format:
https://<external_host>/iam/im/
This information is used for browser redirect.
Required. The configuration id for Tenant Web Services. The default value, tenantwebservices, is pre-populated.
If you want to use a different value, you must update the value here and in the Identity Management Server properties file.
Required. The plain shared secret used by Tenant Web Services. The default value, firewall, is pre-populated.
We recommend that you change this value. Enter any value.
Note: You must update the value here and in the Identity Management Server properties file.
Required. Enter the internal host address.
Required. Enter the external host address, i.e., the domain exposed to the outside world. Supply the host name even though the parameter name ends with _port.
Required. Enter the external host address, i.e., the domain exposed to the outside world. Supply the host name even though the parameter name ends with _port.
Required. A user name in the Identity Management data store. Enter any user name.
Make a note of this user name so you can use it later during the installation process. Use the same value for _im_db_user when you install the Identity Management Server. This user is created during Identity Management installation.
A password for the user defined in _tws_imdb_user. Enter any password.
Make a note of this password so you can use it later during the installation process. Use the same value for _im_db_password when you install the Identity Management Server.
Enter the host name of the system where you plan to install the Identity Management Server. This is used in TWS for accessing the web services deployed in the Identity Management Server.
Enter the host name of the primary IdentityMinder Provisioning Server. This is the first Provisioning Server you installed.
Enter the host name of the secondary or failover IdentityMinder Provisioning Server. This is the second Provisioning Server you installed.
Set to true to enable advanced authentication.
Default location of your SiteMinder installation. For example: /opt/CA.
Location of an existing 64-bit JRE if preinstalled. Set this parameter if you choose to install your JRE separately. In this case, symbolically link /opt/java64 to your JRE.
However, instead of installing a JRE separately, the system installer can do this automatically. We recommend that you download a JRE and allow the system to install it.
See the JAVA64_KIT parameter.
Location of a 64-bit JRE that you download to the local system or to a file share. If this parameter is set, the server kit will install this JRE automatically.
Leave blank for installation. This parameter is intended for upgrades, not installation.
Location of an existing 32-bit JRE if preinstalled. Set this parameter if you choose to install your JRE separately. In this case, symbolically link /opt/java32 to your JRE.
However, instead of installing a JRE separately, the system installer can do this automatically. We recommend that you download a JRE and allow the system to install it.
See the JAVA32_KIT parameter.
Location of a 32-bit JRE that you download to the local system or to a file share. If this parameter is set, the server kit will install this JRE automatically.
Leave blank for installation. This parameter is intended for upgrades, not installation.
Enter the file path, on the local system or a file share, of the JBoss to install. The JBoss kit should be in zip file format. JBOSS can be either the community version or the Enterprise Application Platform (EAP).
IP address or host name of the NTP server to use to synchronize the server time.
Required. The path for the orcl_aa_report.dbf file, in the following format:
<Path on Oracle Server>/orcl_aa_report.dbf
Required. The size of the file for the table space for Advanced Authentication reports. Leave as the default, 20M.
Leave as the default, $USER_INSTALL_DIR/AdvancedAuth/Tomcat/logs
This is the location of catalina.log.
Note: This file is critical for upgrades. We recommend that you back up this file. This file contains passwords, so be sure to save it in a secure location.
Important! The original properties.sh file resides in a temp folder. If the server is shut down, the properties.sh file is discarded. Therefore, rename and back up this file before proceeding with any further installation or use of the system.
|
Copyright © 2014 CA.
All rights reserved.
|
|