Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
en:services:general_services:idm:installing_remote_loader_software [2023/06/30 14:26] – [Installation on certified Linux systems] ggroescen:services:general_services:idm:installing_remote_loader_software [2024/05/28 10:02] – [Configuration] ggroesc
Line 8: Line 8:
 </code> </code>
  
-For system requirements see: [[https://www.netiq.com/documentation/identity-manager-47/pdfdoc/driver_admin/driver_admin.pdf|System requirements P. 15]]+For system requirements see: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/driver_admin/driver_admin.pdf|System requirements]]
  
 =====  Installation on Windows  ===== =====  Installation on Windows  =====
Line 16: Line 16:
 Documentation remote loader installation (NetIQ) P. 47 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_windows/setup_windows.pdf#page=47|- link -]]\\  Documentation remote loader installation (NetIQ) P. 47 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_windows/setup_windows.pdf#page=47|- link -]]\\ 
 Documentation remote loader configuration (NetIQ) P. 32 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/driver_admin/driver_admin.pdf#b18xta1v|- link -]]\\  Documentation remote loader configuration (NetIQ) P. 32 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/driver_admin/driver_admin.pdf#b18xta1v|- link -]]\\ 
 +Documentation Creating an Administrative Account (NetIQ) P. 26 ff: [[https://www.netiq.com/documentation/identity-manager-48-drivers/pdfdoc/ad/ad.pdf#page=26|- link -]]\\ 
 PW-Filter installation P 47 ff: [[https://www.netiq.com/documentation/identity-manager-48-drivers/pdfdoc/ad/ad.pdf#page=47|- link -]] PW-Filter installation P 47 ff: [[https://www.netiq.com/documentation/identity-manager-48-drivers/pdfdoc/ad/ad.pdf#page=47|- link -]]
  
 ====  Installation  ==== ====  Installation  ====
-  *  Download remote loader files +  *  Download remote loader files and Remote loader service pack 
-  *  Download T-TeleSec-GlobalRoot-Class-2 certificate+  *  Download Sectigo chain
   *  Extract remote loader files and certificate   *  Extract remote loader files and certificate
-  *  unblock extracted files e.g. ''childitem -path C:\Downloads\RemoteLoader4.8Setup -recurse | unblock-file'' +  *  If necessary unblock extracted files e.g. ''childitem -path C:\Downloads\RemoteLoader4.8Setup -recurse | unblock-file'' 
-  *  Run ''idm_install.exe'' +  *  Run ''install.exe'' 
-  *  Choose only **Novell Identity Manager Connected System Server (64-bit)**  +     Recommendation: Do not install directly on a domain controller but on a active directory member server. 
-  *  Ignore licence warning +   Accept license agreement (can be ignored is associated with IDENTITY MANAGER server software not the remote loader
-  * Run ''install.bat'' of service pack  +  * Run ''IdentityManagerServer\install.exe'' of service pack  
-  * Verify if SP is installed. Go to the installation path (Default: C:\Novell\RemoteLoader). Open Preferences of file ''dirxml_remote.exe''switch to Details Tab. Check if Productversion is 4.8.__6__.0 where __6__ ist the Number of the downloaded SP.+  * How to verify if SP is installed.  
 +     Go to the installation path (Default: C:\NetIQ\IDM\RemoteLoader\64bit). Open preferences of file ''dirxml_remote.exe'' 
 +     * Switch to details tab. Check if productversion is 4.8.__6__.0 where __6__ ist the Number of the downloaded SP.
  
 ====  Configuration  ==== ====  Configuration  ====
-  *  Run rlconsole.exe within the installation path **as administrator** (Default: C:\Novell\RemoteLoader) +  * Run rlconsole.exe within the installation path **as administrator** (Default: C:\NetIQ\IDM\RemoteLoader) 
-  *  Click add +  * Click add 
-  *  Add description +  * Add description 
-  *  Choose driver (eg. ADDriver.dll) +  * Choose driver (eg. ADDriver.dll) 
-  *  Choose the IP address where to listen (Default: All)  +  * Choose the IP address where to listen (Default: All)  
-  *  Set communication port (Default: 8090) +  * Set communication port (Default: 8090) 
-  *  Set remote loader password (required by GWDG) +  * Set remote loader password (required by GWDG
-  *  Set driver object password (required by GWDG) +    * Requirements: At least 12 character of upper and lower case letters and digits (no special character
-  *  Activate SSL +  * Set driver object password (required by GWDG
-  *  choose path to //Sectigo-chain.b64// +    * Requirements: At least 12 character of upper and lower case letters and digits (no special character
-  * Select "run as servcie+  * Activate SSL 
-  *  Accept (don't start the remote loader service) +  * Choose path to //Sectigo-chain.b64// 
-  * Go to the installation path (Default: C:\Novell\RemoteLoader) and edit the file <instanceName>-Config.txt (maybe you have to open the file as administrator) +  * Check "Remote Loader-Service für diese Treiber-Instanz erstellen
-  *  Start the remote loader +  * Accept (don't start the remote loader service) 
- +  * Open windows services (services.mscidentify the "DirXML Loader" Service and enter the active directory user as service logon account 
-====  Notices  ==== +  * Start the remote loader
-If you are using the Active Directory driver the user who runs the service needs to be in the **local** administrator group.+
  
 +====  Active Directory User ====
 +  * The user who runs the service has to be in the **local** administrator group (Local Users and Groups -> Groups -> Administrators).
 +  * Necessary user right: "Replicating Directory Changes" (**not** Replication Directory Changes All) for all object and all descendant objects for the domain
 +    * Domain -> Properties -> Tab Security -> Advanced -> Add
 +    * choose user -> "clear all" -> check  "Replicating Directory Changes"
 +  * Necessary user right: "Log on as a service"
 +  * Full access for relevant objects in ou/container
 +    * Container -> Properties -> Security -> Advanced -> Add -> choose user -> Descendant User objects/Descendant Group objects -> check "Full control"
 =====  Installation on Linux  ===== =====  Installation on Linux  =====
 The installation on Linux systems differs between certified systems (eg SLES 15, RHEL 8, etc. [[https://www.netiq.com/documentation/identity-manager-48/system-requirements-identity-manager-48x/data/system-requirements-identity-manager-48x.html|see ]]) and non-certified systems. The installation on Linux systems differs between certified systems (eg SLES 15, RHEL 8, etc. [[https://www.netiq.com/documentation/identity-manager-48/system-requirements-identity-manager-48x/data/system-requirements-identity-manager-48x.html|see ]]) and non-certified systems.
Line 63: Line 73:
   *  Extract the certificate   *  Extract the certificate
  
-==  CentOS  ==+==  CentOS  ==
 The 32Bit version of glibc has to be installed on x86_64 systems: The 32Bit version of glibc has to be installed on x86_64 systems:
 <code> <code>
Line 92: Line 102:
  
 ====  Installation on **non-certified** Linux systems  ==== ====  Installation on **non-certified** Linux systems  ====
-Remote Loader files: [[https://idm.gwdg.de/RemoteLoader/JavaRemoteLoader4.8.5.zip|- download -]]\\  +Remote Loader files: [[https://idm.gwdg.de/RemoteLoader/JavaRemoteLoader4.8.7.zip|- download -]]\\  
-Sectigo-chain: [[https://idm.gwdg.de/RemoteLoader/Sectigo-chain.zip|- download -]]\\ Documentation remote loader installation (NetIQ) P. 43ff: [[https://www.netiq.com/documentation/identity-manager-47/pdfdoc/setup_linux/setup_linux.pdf#installlinuxjavaremoteloader|- link -]]+Sectigo-chain: [[https://idm.gwdg.de/RemoteLoader/Sectigo-chain.zip|- download -]]\\ Documentation remote loader installation (NetIQ) P. 75ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_linux/setup_linux.pdf#installlinuxjavaremoteloader|- link -]]
  
 ===  Prerequisites  === ===  Prerequisites  ===