Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
en:services:general_services:idm:installing_remote_loader_software [2023/06/30 14:18] – [Installation on Linux] ggroescen:services:general_services:idm:installing_remote_loader_software [2024/05/28 10:04] (current) – [Active Directory User] ggroesc
Line 8: Line 8:
 </code> </code>
  
-For system requirements see: [[https://www.netiq.com/documentation/identity-manager-47/pdfdoc/driver_admin/driver_admin.pdf|System requirements P. 15]]+For system requirements see: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/driver_admin/driver_admin.pdf|System requirements]]
  
 =====  Installation on Windows  ===== =====  Installation on Windows  =====
Line 16: Line 16:
 Documentation remote loader installation (NetIQ) P. 47 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_windows/setup_windows.pdf#page=47|- link -]]\\  Documentation remote loader installation (NetIQ) P. 47 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_windows/setup_windows.pdf#page=47|- link -]]\\ 
 Documentation remote loader configuration (NetIQ) P. 32 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/driver_admin/driver_admin.pdf#b18xta1v|- link -]]\\  Documentation remote loader configuration (NetIQ) P. 32 ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/driver_admin/driver_admin.pdf#b18xta1v|- link -]]\\ 
 +Documentation Creating an Administrative Account (NetIQ) P. 26 ff: [[https://www.netiq.com/documentation/identity-manager-48-drivers/pdfdoc/ad/ad.pdf#page=26|- link -]]\\ 
 PW-Filter installation P 47 ff: [[https://www.netiq.com/documentation/identity-manager-48-drivers/pdfdoc/ad/ad.pdf#page=47|- link -]] PW-Filter installation P 47 ff: [[https://www.netiq.com/documentation/identity-manager-48-drivers/pdfdoc/ad/ad.pdf#page=47|- link -]]
  
 ====  Installation  ==== ====  Installation  ====
-  *  Download remote loader files +  *  Download remote loader files and Remote loader service pack 
-  *  Download T-TeleSec-GlobalRoot-Class-2 certificate+  *  Download Sectigo chain
   *  Extract remote loader files and certificate   *  Extract remote loader files and certificate
-  *  unblock extracted files e.g. ''childitem -path C:\Downloads\RemoteLoader4.8Setup -recurse | unblock-file'' +  *  If necessary unblock extracted files e.g. ''childitem -path C:\Downloads\RemoteLoader4.8Setup -recurse | unblock-file'' 
-  *  Run ''idm_install.exe'' +  *  Run ''install.exe'' 
-  *  Choose only **Novell Identity Manager Connected System Server (64-bit)**  +     Recommendation: Do not install directly on a domain controller but on a active directory member server. 
-  *  Ignore licence warning +   Accept license agreement (can be ignored is associated with IDENTITY MANAGER server software not the remote loader
-  * Run ''install.bat'' of service pack  +  * Run ''IdentityManagerServer\install.exe'' of service pack  
-  * Verify if SP is installed. Go to the installation path (Default: C:\Novell\RemoteLoader). Open Preferences of file ''dirxml_remote.exe''switch to Details Tab. Check if Productversion is 4.8.__6__.0 where __6__ ist the Number of the downloaded SP.+  * How to verify if SP is installed.  
 +     Go to the installation path (Default: C:\NetIQ\IDM\RemoteLoader\64bit). Open preferences of file ''dirxml_remote.exe'' 
 +     * Switch to details tab. Check if productversion is 4.8.__6__.0 where __6__ ist the Number of the downloaded SP.
  
 ====  Configuration  ==== ====  Configuration  ====
-  *  Run rlconsole.exe within the installation path **as administrator** (Default: C:\Novell\RemoteLoader) +  * Run rlconsole.exe within the installation path **as administrator** (Default: C:\NetIQ\IDM\RemoteLoader) 
-  *  Click add +  * Click add 
-  *  Add description +  * Add description 
-  *  Choose driver (eg. ADDriver.dll) +  * Choose driver (eg. ADDriver.dll) 
-  *  Choose the IP address where to listen (Default: All)  +  * Choose the IP address where to listen (Default: All)  
-  *  Set communication port (Default: 8090) +  * Set communication port (Default: 8090) 
-  *  Set remote loader password (required by GWDG) +  * Set remote loader password (required by GWDG
-  *  Set driver object password (required by GWDG) +    * Requirements: At least 12 character of upper and lower case letters and digits (no special character
-  *  Activate SSL +  * Set driver object password (required by GWDG
-  *  choose path to //Sectigo-chain.b64// +    * Requirements: At least 12 character of upper and lower case letters and digits (no special character
-  * Select "run as servcie+  * Activate SSL 
-  *  Accept (don't start the remote loader service) +  * Choose path to //Sectigo-chain.b64// 
-  * Go to the installation path (Default: C:\Novell\RemoteLoader) and edit the file <instanceName>-Config.txt (maybe you have to open the file as administrator) +  * Check "Remote Loader-Service für diese Treiber-Instanz erstellen
-  *  Start the remote loader +  * Accept (don't start the remote loader service) 
- +  * Open windows services (services.mscidentify the "DirXML Loader" Service and enter the active directory user as service logon account 
-====  Notices  ==== +  * Start the remote loader
-If you are using the Active Directory driver the user who runs the service needs to be in the **local** administrator group.+
  
 +====  Active Directory User ====
 +  * The user who runs the service has to be in the **local** administrator group (Local Users and Groups -> Groups -> Administrators).
 +  * Necessary user right: "Replicating Directory Changes" (**not** Replication Directory Changes All) for all object and all descendant objects for the domain
 +    * Domain -> Properties -> Tab Security -> Advanced -> Add
 +    * Choose user -> "clear all" -> check  "Replicating Directory Changes"
 +  * Necessary user right: "Log on as a service"
 +  * Full access for relevant objects in ou/container
 +    * Container -> Properties -> Security -> Advanced -> Add -> choose user -> Descendant User objects/Descendant Group objects -> check "Full control"
 =====  Installation on Linux  ===== =====  Installation on Linux  =====
-The installation on Linux systems differs between certified sytsems (SLES 12, RHEL 7.6, etc. [[https://www.netiq.com/documentation/identity-manager-48/system-requirements-identity-manager-48x/data/system-requirements-identity-manager-48x.html|see ]]) and non-certified systems.+The installation on Linux systems differs between certified systems (eg SLES 15, RHEL 8, etc. [[https://www.netiq.com/documentation/identity-manager-48/system-requirements-identity-manager-48x/data/system-requirements-identity-manager-48x.html|see ]]) and non-certified systems.
 If you are using a non-certified system eg. Ubuntu the Java remote loader has to  be installed. If you are using a non-certified system eg. Ubuntu the Java remote loader has to  be installed.
  
 ====  Installation on certified Linux systems  ==== ====  Installation on certified Linux systems  ====
-Remote loader files: [[https://idm.gwdg.de/RemoteLoader/RemoteLoader4.7LinuxSetup.iso|- download -]]\\  +Remote loader files: [[https://idm.gwdg.de/RemoteLoader/RemoteLoader4.8LinuxSetup.zip|- download -]]\\  
-Remote loader SP 4: [[https://idm.gwdg.de/RemoteLoader/RemoteLoader4.7LinuxSP4.zip|- download -]]\\ +Remote loader service pack: [[https://idm.gwdg.de/RemoteLoader/RemoteLoader4.8LinuxSP6.zip|- download -]]\\ 
 Sectigo-chain: [[https://idm.gwdg.de/RemoteLoader/Sectigo-chain.zip|- download -]]\\  Sectigo-chain: [[https://idm.gwdg.de/RemoteLoader/Sectigo-chain.zip|- download -]]\\ 
-Documentation remote loader installation (NetIQ) P. 35ff: [[https://www.netiq.com/documentation/identity-manager-47/pdfdoc/setup_linux/setup_linux.pdf#installidentitymanagerlinux|- link -]]+Documentation remote loader installation (NetIQ) P. 65ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_linux/setup_linux.pdf#installidentitymanagerlinux|- link -]]
  
 ===  Prerequisites  === ===  Prerequisites  ===
Line 63: Line 73:
   *  Extract the certificate   *  Extract the certificate
  
-==  CentOS  ==+==  CentOS  ==
 The 32Bit version of glibc has to be installed on x86_64 systems: The 32Bit version of glibc has to be installed on x86_64 systems:
 <code> <code>
Line 92: Line 102:
  
 ====  Installation on **non-certified** Linux systems  ==== ====  Installation on **non-certified** Linux systems  ====
-Remote Loader files: [[https://idm.gwdg.de/RemoteLoader/JavaRemoteLoader4.8.5.zip|- download -]]\\  +Remote Loader files: [[https://idm.gwdg.de/RemoteLoader/JavaRemoteLoader4.8.7.zip|- download -]]\\  
-Sectigo-chain: [[https://idm.gwdg.de/RemoteLoader/Sectigo-chain.zip|- download -]]\\ Documentation remote loader installation (NetIQ) P. 43ff: [[https://www.netiq.com/documentation/identity-manager-47/pdfdoc/setup_linux/setup_linux.pdf#installlinuxjavaremoteloader|- link -]]+Sectigo-chain: [[https://idm.gwdg.de/RemoteLoader/Sectigo-chain.zip|- download -]]\\ Documentation remote loader installation (NetIQ) P. 75ff: [[https://www.netiq.com/documentation/identity-manager-48/pdfdoc/setup_linux/setup_linux.pdf#installlinuxjavaremoteloader|- link -]]
  
 ===  Prerequisites  === ===  Prerequisites  ===