Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
en:services:general_services:idm:installing_remote_loader_software [2023/02/01 16:33] – [Configuration] skloepp2 | en:services:general_services:idm:installing_remote_loader_software [2024/09/05 15:04] (current) – [Overview] ggroesc | ||
---|---|---|---|
Line 8: | Line 8: | ||
</ | </ | ||
- | For system requirements see: [[https:// | + | For system requirements see: [[https:// |
===== Installation on Windows | ===== Installation on Windows | ||
- | Remote loader files: [[https:// | + | Remote loader files: [[https:// |
- | Remote loader | + | Remote loader |
Sectigo-chain: | Sectigo-chain: | ||
- | Documentation remote loader installation (NetIQ) P. 59 ff: [[https:// | + | Documentation remote loader installation (NetIQ) P. 47 ff: [[https:// |
- | PW-Filter installation P 47 ff: [[https:// | + | Documentation remote loader configuration (NetIQ) P. 32 ff: [[https:// |
+ | Documentation Creating an Administrative Account (NetIQ) P. 26 ff: [[https:// | ||
+ | PW-Filter installation P 47 ff: [[https:// | ||
==== Installation | ==== Installation | ||
- | * Download remote loader files | + | * We strongly recommend not to install directly on a domain controller but using a member server of the domain |
- | * Download | + | * Download remote loader files and Remote loader service pack |
+ | * Download | ||
* Extract remote loader files and certificate | * Extract remote loader files and certificate | ||
- | * Run '' | + | |
- | * | + | |
- | * Ignore licence warning | + | |
- | * Run '' | + | |
- | * Verify | + | * Run '' |
+ | * How to verify | ||
+ | | ||
+ | * Switch | ||
==== Configuration | ==== Configuration | ||
- | * Run rlconsole.exe within the installation path **as administrator** (Default: C:\Novell\RemoteLoader) | + | * Run rlconsole.exe within the installation path **as administrator** (Default: C:\NetIQ\IDM\RemoteLoader) |
- | * Click add | + | * Click add |
- | * Add description | + | * Add description |
- | * Choose driver (eg. ADDriver.dll) | + | * Choose driver (eg. ADDriver.dll) |
- | * Choose the IP address where to listen (Default: All) | + | * Choose the IP address where to listen (Default: All) |
- | * Set communication port (Default: 8090) | + | * Set communication port (Default: 8090) |
- | * Set remote loader password (required by GWDG) | + | * Set remote loader password (required by GWDG) |
- | * Set driver object password (required by GWDG) | + | * Requirements: |
- | * Activate SSL | + | * Set driver object password (required by GWDG) |
- | * | + | * Requirements: |
- | * Select | + | * Activate SSL |
- | * Accept (don't start the remote loader service) | + | * Choose |
- | * Go to the installation path (Default: C: | + | * Check "Remote Loader-Service für diese Treiber-Instanz erstellen" |
- | * Start the remote loader | + | * Accept (don't start the remote loader service) |
- | + | * Open windows services | |
- | ==== Notices | + | * Start the remote loader |
- | If you are using the Active Directory driver the user who runs the service needs to be in the **local** administrator group. | + | |
+ | ==== Active Directory User ==== | ||
+ | * The user who runs the service has to be in the **local** administrator group (Local Users and Groups -> Groups -> Administrators). | ||
+ | * Necessary user right: " | ||
+ | * Domain -> Properties -> Tab Security -> Advanced -> Add | ||
+ | * Choose user -> "clear all" -> check " | ||
+ | * Necessary user right: "Log on as a service" | ||
+ | * Full access for relevant objects in ou/ | ||
+ | * Container -> Properties -> Security -> Advanced -> Add -> choose user -> Descendant User objects/ | ||
===== Installation on Linux ===== | ===== Installation on Linux ===== | ||
- | The installation on Linux systems differs between certified | + | The installation on Linux systems differs between certified |
If you are using a non-certified system eg. Ubuntu the Java remote loader has to be installed. | If you are using a non-certified system eg. Ubuntu the Java remote loader has to be installed. | ||
==== Installation on certified Linux systems | ==== Installation on certified Linux systems | ||
- | Remote loader files: [[https:// | + | Remote loader files: [[https:// |
- | Remote loader | + | Remote loader |
Sectigo-chain: | Sectigo-chain: | ||
- | Documentation remote loader installation (NetIQ) P. 35ff: [[https:// | + | Documentation remote loader installation (NetIQ) P. 65ff: [[https:// |
=== Prerequisites | === Prerequisites | ||
Line 61: | Line 74: | ||
* Extract the certificate | * Extract the certificate | ||
- | == CentOS | + | == CentOS |
The 32Bit version of glibc has to be installed on x86_64 systems: | The 32Bit version of glibc has to be installed on x86_64 systems: | ||
< | < | ||
Line 90: | Line 103: | ||
==== Installation on **non-certified** Linux systems | ==== Installation on **non-certified** Linux systems | ||
- | Remote Loader files: [[https:// | + | Remote Loader files: [[https:// |
- | Sectigo-chain: | + | Sectigo-chain: |
=== Prerequisites | === Prerequisites | ||
Line 98: | Line 111: | ||
* Extract the certificate | * Extract the certificate | ||
* JRE Java8u112, at a minimum is required | * JRE Java8u112, at a minimum is required | ||
+ | * Java has to be in PATH variable! < | ||
+ | PATH=$PATH:/ | ||
+ | </ | ||
+ | * Apache Log4j is necessary and need to be in the '' | ||
=== Install Java remote loader | === Install Java remote loader | ||
* Extract Java remote loader | * Extract Java remote loader | ||
- | * Make dirxml_jremote and create_keystore executable | + | * Make '' |
- | ==== Configuration | + | === Configuration |
- | * Change into installation directory eg. /// | + | * Change into installation directory eg. /// |
- | * Crerate | + | * Create |
- | * < | + | * Edit dirxml_jremote |
- | * Edit dirxml_jremote | + | * Replace the path for the jarlist with the actual installation path < |
- | * < | + | jarlist=`ls /< |
- | * with | + | * Add core and api jar of log4j to CLASSPATH e.g. < |
- | * < | + | </ |
* Add/Edit **config8000.txt** | * Add/Edit **config8000.txt** | ||
- | + | * Example LDAP Konfiguration: < | |
- | + | ||
- | **Example LDAP Konfiguration** | + | |
- | < | + | |
-commandport 8000 | -commandport 8000 | ||
- | -connection " | + | -connection " |
-trace 4 | -trace 4 | ||
-tracefile ./ | -tracefile ./ | ||
Line 123: | Line 137: | ||
-class com.novell.nds.dirxml.driver.ldap.LDAPDriverShim | -class com.novell.nds.dirxml.driver.ldap.LDAPDriverShim | ||
</ | </ | ||
- | * Set remote loader and driver object password | + | * Set remote loader and driver object password |
- | < | + | * Both are required by GWDG and need to be set in the complement driver |
+ | * Password requirements: | ||
./ | ./ | ||
</ | </ | ||
- | * Run the Java remote loader: | + | * Run the Java remote loader: < |
- | < | + | |
./ | ./ | ||
- | </ | ||
- | * Java has to be in PATH variable! | ||
- | < | ||
- | PATH=$PATH:/ | ||
</ | </ | ||
Line 140: | Line 150: | ||
< | < | ||
#!/bin/sh | #!/bin/sh | ||
- | INSTDIR=/ | + | INSTDIR=/ |
- | STAGEDIR=$INSTDIR/ | + | |
USER=ldap | USER=ldap | ||