qw208o kt9c websphere d windows 2000 -...
TRANSCRIPT
IBM Tivoli Identity Manager
~qw208O(kT9CWebSphere D Windows 2000)f> 4.5.0
S152-0642-00
���
IBM Tivoli Identity Manager
~qw208O(kT9CWebSphere D Windows 2000)f> 4.5.0
S152-0642-00
���
"b:
Z9C>JO0d'VDz7.0,kDAZ 127 3D=< H, :yw;PDE"#
Z~f(2003 j 9 B)
>f>JCZ Tivoli Identity Manager V4.5.0 T0yPDsx"PfM^)f,1=ZBf>PmPyw*9#
© Copyright International Business Machines Corporation 2003. All rights reserved.
?<
0T . . . . . . . . . . . . . . . . v>iDA_ . . . . . . . . . . . . . . . vvfo . . . . . . . . . . . . . . . . v
Tivoli Identity Manager ~qwJOb . . . . . vX8m~z7vfo . . . . . . . . . . . vi`Xvfo . . . . . . . . . . . . . . viZ_CJvfo . . . . . . . . . . . . vii
(z!n . . . . . . . . . . . . . . . vii*5m~'V . . . . . . . . . . . . . . vii>iP9CD<( . . . . . . . . . . . . viiInstallation Directory Conventions . . . . . . . viii
Z 1 B i\ . . . . . . . . . . . . . 12~Mm~hs . . . . . . . . . . . . . 1z7bL . . . . . . . . . . . . . . . . 1
Z 2 B dCEv . . . . . . . . . . . 3WebSphere Application Server uo . . . . . . . 3%;~qwdC . . . . . . . . . . . . . 4Tivoli Identity Manager :/dC . . . . . . . . 5
Tivoli Identity Manager ~qwc . . . . . . . 6%;:/dC . . . . . . . . . . . . . 6&\:/dC . . . . . . . . . . . . . 7Java {"~qMd|~qwxL . . . . . . . 89C Tivoli Identity Manager 1D WebSphere 73
^F . . . . . . . . . . . . . . . . 9
Z 3 B }]bdC . . . . . . . . . 11IBM DB2 dC . . . . . . . . . . . . . 11
7#(EkdC~qw . . . . . . . . . . 11dC IBM DB2 JDBC }/Lr. . . . . . . 14* JDBC `M 2 }/LrdC IBM DB2 V7.1M V7.2 . . . . . . . . . . . . . . . 15>}:)9 DB2 D5 . . . . . . . . . . 15
Tivoli Identity Manager D Oracle 20MdC . . . 15Z AIX O<820 Oracle . . . . . . . . 16<8Z Solaris O20 Oracle . . . . . . . 17<8Z Windows P20 Oracle . . . . . . . 18Z20sdC Oracle . . . . . . . . . . 19
SQL Server 2000 dC . . . . . . . . . . . 20<820 SQL Server 2000 . . . . . . . . 20Z20sdC SQL Server 2000 . . . . . . . 20
Z 4 B ?<~qwdC . . . . . . . . 21IBM Directory Server dC . . . . . . . . . 21
* Tivoli Identity Manager 8(s: . . . . . 22* Tivoli Identity Manager dC}Cj{Te~ 22XBt/?<~qw . . . . . . . . . . 234( LDAP s:Ts . . . . . . . . . . 24
Z,;(FczO9C V5.1 M WebSphereApplication Server . . . . . . . . . . . . 25
Sun ONE Directory Server dC . . . . . . . . 26
Z 5 B %;~qw20:Tivoli IdentityManager ~qw . . . . . . . . . . . 29*<0 . . . . . . . . . . . . . . . . 29bvKZJb . . . . . . . . . . . . . . 31%;~qw20DE"$wm . . . . . . . . 31
}]bE" . . . . . . . . . . . . . 31?<~qwE" . . . . . . . . . . . . 33%;~qw20D WebSphere Application ServerE" . . . . . . . . . . . . . . . . 34WebSphere 6k={"+]~qwMM'z . . . 35IBM HTTP Server E" . . . . . . . . . 35Tivoli Identity Manager E" . . . . . . . . 35
20 Tivoli Identity Manager ~qw . . . . . . 36/@nuD06-10ZM0mI10Z . . . . 38!q20`MM20?< . . . . . . . . . 39!q}]b . . . . . . . . . . . . . 39jI%;~qw200Z . . . . . . . . . 408( WebSphere +V2+T . . . . . . . . 418(S\\?"DA200** . . . . . . . 4320x9Md|dCn/ . . . . . . . . . 44%;~qw20DU>M?< . . . . . . . 53jI2+TdC . . . . . . . . . . . . 54Z20 Tivoli Identity Manager .s9C
runConfig . . . . . . . . . . . . . . 54P!qX20oT| . . . . . . . . . . 54
bT Tivoli Identity Manager ~qwD(E . . . . 55~qwkzmLrD(E . . . . . . . . . . 56
Z 6 B :/20:Tivoli IdentityManager ~qw . . . . . . . . . . . 57*<0 . . . . . . . . . . . . . . . . 57
bvKZJb . . . . . . . . . . . . . 589C xg?p\mw4(:/ . . . . . . . 59
:/20DE"$wm . . . . . . . . . . . 59}]bE" . . . . . . . . . . . . . 60?<~qwE" . . . . . . . . . . . . 61:/20D WebSphere Application Server E" . 62Tivoli Identity Manager E" . . . . . . . . 63
20 Tivoli Identity Manager ~qw . . . . . . 63/@nuD06-10ZM0mI10Z . . . . 65!q20`MM1!20?< . . . . . . . 66!q}]b . . . . . . . . . . . . . 67jI:/20rP . . . . . . . . . . . 678( WebSphere +V2+T . . . . . . . . 718(S\\?"DA200** . . . . . . . 7320x9Md|dCn/ . . . . . . . . . 74:/20DU>M?< . . . . . . . . . . 82jI2+TdC . . . . . . . . . . . . 83
© Copyright IBM Corp. 2003 iii
Z20 Tivoli Identity Manager .s9C
runConfig . . . . . . . . . . . . . . 83P!qX20oT| . . . . . . . . . . 83(e HTTP a0VCT(I!) . . . . . . 84i$Bq~qhC . . . . . . . . . . . 84
|B Web ~qwe~ . . . . . . . . . . . 84t/:/ . . . . . . . . . . . . . . . 84bT Tivoli Identity Manager ~qwD(E . . . . 84~qwkzmLrD(E . . . . . . . . . . 86mSr}%:/I1 . . . . . . . . . . . 86
9CBFcz)9:/ . . . . . . . . . . 869C,;Fcz)9:/ . . . . . . . . . 87}%:/I1 . . . . . . . . . . . . . 87
=< A. bL . . . . . . . . . . . . 89CD P;P(iD WebSphere Y1^)Lr PQ77521 89oT| CD. . . . . . . . . . . . . . . 899C WebSphere Application Server D Tivoli IdentityManager Dy!zk Solaris CD. . . . . . . . 899CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk Solaris CD. . . . . . . . 909d Solaris CD 1 . . . . . . . . . . . . 909d Solaris CD 2 . . . . . . . . . . . . 909d Solaris CD 3 . . . . . . . . . . . . 919d Solaris CD 4 . . . . . . . . . . . . 919C WebSphere Application Server D Tivoli IdentityManager Dy!zk AIX CD . . . . . . . . 919CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk AIX CD . . . . . . . . 919d AIX CD 1 . . . . . . . . . . . . . 929d AIX CD 2 . . . . . . . . . . . . . 929d AIX CD 3 . . . . . . . . . . . . . 929CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk HP-UX CD . . . . . . . 939C WebSphere Application Server D Tivoli IdentityManager Dy!zk Windows 2000 CD . . . . . 939CG IBM &CLr~qwD Tivoli IdentityManager Dy!zk Windows 2000 CD . . . . . 939d Windows 2000 CD 1 . . . . . . . . . 939d Windows 2000 CD 2 . . . . . . . . . 949d Windows 2000 CD 3 . . . . . . . . . 949d Windows 2000 CD 4 . . . . . . . . . 94
=< B. kT Windows Dm~M2~*
s . . . . . . . . . . . . . . . . . 959C WebSphere D Tivoli Identity Manager DnM
Windows Yw53M2~*s . . . . . . . . 959C WebSphere D Tivoli Identity Manager ~qwD
}]b . . . . . . . . . . . . . . . . 959C WebSphere D Tivoli Identity Manager ~qwD
?<~qw . . . . . . . . . . . . . . 96Tivoli Identity Manager ~qwD WebSphere ~qw
k HTTP ~qwX8m~ . . . . . . . . . . 96\'VD Web /@w . . . . . . . . . . . 97
=< C. <8 WebSphere 73 . . . . 99
<8 WebSphere Application Server 20 . . . . . 997# WebSphere 6k={"+]~qwkM'z
D Solaris ZKhC . . . . . . . . . . . 999CVPD WebSphere MQ V5.3 . . . . . . 99KZ 9090 ICTi$ . . . . . . . . . 100
dC Tivoli Identity Manager :/ . . . . . . 10020 WebSphere Application Server xg?p . . 10020 IBM HTTP Server M WebSphere Web ~
qwe~ . . . . . . . . . . . . . . 101zI WebSphere Web ~qwe~dCD~. . . 102Z?vZcO20 WebSphere Application ServerBase . . . . . . . . . . . . . . . 102+ZcmS=%* . . . . . . . . . . . 1034(:/ . . . . . . . . . . . . . . 1037# xg?p\mwMZczmLrZKP . . 104
dC WebSphere Application Server Bq~qhC 104
=< D. 2+T<G . . . . . . . . . 107WebSphere D2+T . . . . . . . . . . . 107
dC%Zc?pD2+T . . . . . . . . . 107dC`Zc?pD2+T . . . . . . . . . 110{C J2EE 2+T . . . . . . . . . . . 112
dC HTTP ~qwD8C=( . . . . . . . . 113
=< E. S Tivoli Identity Manager4.3 }6= Tivoli Identity Manager4.5 . . . . . . . . . . . . . . . . 115*<0 . . . . . . . . . . . . . . . . 115S9C WebLogic D Tivoli Identity Manager 4.3 }
6=9C WebLogic D Tivoli Identity Manager 4.5 . 116209C WebSphere Application Server D TivoliIdentity Manager V4.5 . . . . . . . . . . . 116dCB20 . . . . . . . . . . . . . . 117
=< F. S Tivoli Identity ManagerV4.4.x }6= V4.5 . . . . . . . . . 119*<0 . . . . . . . . . . . . . . . . 119}6%;~qwdC . . . . . . . . . . . 120
S Tivoli Identity Manager 4.4.x }6= 4.5 . . 120}6:/dC . . . . . . . . . . . . . 121
* xg?p\mw53+ Tivoli IdentityManager 4.4.x }6= 4.5 . . . . . . . . 122*I153+ Tivoli Identity Manager 4.4.x }6
= 4.5 . . . . . . . . . . . . . . . 123
=< G. 6X Tivoli Identity Manager 125*<0 . . . . . . . . . . . . . . . . 1256X Tivoli Identity Manager D=h . . . . . . 126
=< H. yw . . . . . . . . . . . . 127Lj . . . . . . . . . . . . . . . . 128
Jcm . . . . . . . . . . . . . . 129
w} . . . . . . . . . . . . . . . 133
iv IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
0T
IBM ® Tivoli ® Identity Manager ~qw208O (kT9C WebSphere® D Windows
2000)hvgNZ Windows 2000 ServerO20MdC Tivoli Identity Manager ~qw,
TcSPD;C\mJ4#
>iDA_
>VaG*20",$r\m>cFcz53Dm~D53k2+T\m1`4D#
A_&Kb53M2+T\mDEn#Kb,A_2&KbTB\mEn:
v ?<~qw
v }]b~qw
v WebSphere® 6k={"+]'V
v WebSphere Application Server r WebLogic
v IBM HTTP Server
vfo
kDA Tivoli Identity Manager b"X8m~vfoT0`XvfoPDhv,Sx7
(zO*nPCDvfo#Z7(zyh*Dvfo.s,kNDXZZ_CJb)
vfoD8>E"#
Tivoli Identity Manager ~qwJObTivoli Identity Manager ~qwJObPDvfoP:
v Tivoli Identity Manager *zC'oz
TyP Tivoli Identity Manager \mNqa)[OD*zozwb#
v *KbPX UNXI r Windows f>;,D Tivoli Identity Manager ~qw208
O,kVpiDkT WebSphere r WebLogic Df>#kkTzD>c9C`&D
f>#
a) Tivoli Identity Manager D20E"#
v Tivoli Identity Manager Policy and Organization Administration Guide
a)PX Tivoli Identity Manager \mNqDwb#
v Tivoli Identity Manager Server Configuration Guide
a)%;~qwM:/ Tivoli Identity Manager dCDdCE"#
v 6Tivoli Identity Manager nUC'8O7
a) Tivoli Identity Manager u'_C'E"#
v Tivoli Identity Manager "P5w
a) Tivoli Identity Manager Dm~M2~*s,T0^)Lr"9!Md|'VE
"#
v Tivoli Identity Manager Troubleshooting Guide
a) Tivoli Identity Manager z7d|DJbbvE"#
© Copyright IBM Corp. 2003 v
X8m~z7vfo
*P'X9C>iPDE",zXk_8 Tivoli Identity Manager X8m~z7D*6#
zISTBx7qCvfo:
v WebSphere Application Server
http://www.ibm.com/software/webservers/appserv/support.html
":TBD Redbooks r*PmhvK WebSphere Application Server D20MdC
T0=S2+TDa)#d;KPmG>vfo"P1DnBE",+dPD
vfoI\VZQ}1#k*5zDM'zmTq!J4E"D(iPm#
– IBM WebSphere Application Server V5.0 System Management and Configuration,
IBM l$i
– IBM WebSphere Application Server V5.0 Security,IBM l$i
v }]b~qw
– IBM DB2
http://www.ibm.com/software/data/db2/udb/support.html
http://www.ibm.com/software/data/db2
– Oracle
http://technet.oracle.com/documentation/content.html
– Microsoft SQL Server 2000
http://msdn.microsoft.com/library/
v ?<~qw&CLr
– IBM Directory Server
http://www.ibm.com/software/network/directory
– Sun ONE Directory Server
http://www.ibm.com/software/network/directory
v WebSphere 6k={"+]'V(r IBM MQSeries)
http://www.ibm.com/software/ts/mqseries
v Web zm~qw
– IBM HTTP Server
http://www.ibm.com/software/webservers/httpservers/library.html
`Xvfo
ZTBvfoPIqC Tivoli Identity Manager ~qwD`XE":
v Tivoli m~ba)wV Tivoli vfo,ngW$i"}]gSmq"]>"Redbooks
Myw/#TB Web >cOa) Tivoli m~b:
http://www.ibm.com/software/tivoli/library/
v Tivoli Software Glossary |(k Tivoli m~PXDm`uoD(e#Tivoli Software
Glossary ;P"of,zIS Tivoli m~b Web 3fs_D Glossary 4SqC:
http://www.ibm.com/software/tivoli/library/
vi IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z_CJvfo
zIZ_S Tivoli m~bPqCIF2D5q=(PDF)M/r,D>jGoT
(HTML)N=D>z7 IBM vfo:
http://www.ibm.com/software/tivoli/library
*ZbPiRz7vfo,k%wKb3fs_D Product manuals 4S#;s,Z
Tivoli Software Information Center 3fOiR"%wCz7{F#
z7vfo|("P5w"208O"C'8O"\m18OM*"_N<s+#
":*7# PDF vfor!}7,kZ Adobe Acrobat D0r!10Z(%wD~ →r!IR=)P!qJO3f4!r#
(z!n
z7D5|,TB(z!n&\:
v D5,1T HTML M PDF q=a),9C'ns^HX&CA;DAwm~#
v D5PDyP<q<a)8CD>,byPS&O-DC'ITmb<qDZ]#
*5m~'V
ZM3;Jb*5 IBM Tivoli m~'V.0,kCJTB IBM Tivoli m~'V Web
>c:
http://www.ibm.com/software/sysmgmt/products/support/
g{zh*d|oz,k9CTB Web >cD IBM Software Support Guide PhvD
=(*5m~'V:
http://techsupport.services.ibm.com/guides/handbook.html
>8Oa)TBE":
v S\'VyhD"aMJqhs
v g0Ek(!vZzyZDzRrXx)
v *5M''V.0&U/DE"Pm
>iP9CD<(
>N<T;)(CuoMYwT0X(ZYw53D|nM769CKtI<(#
>iP9CKTBVM<(:
VeV VeD>CZm>I!D0Z4|"VNu?MvVZ>VaPD|
n(+;|(>}rD~Z])#
HmVM HmVM`MPDD>CZm>D~Z]"D~{r|nDdv#
1eV 1eD>CZm>X(ZOBDD5,}g:
v 76{
v D~{
0T vii
v C'{
v i{
v 53N}
v 73d?
Installation Directory ConventionsKvfo9CTB<(8(1!?<:
{ITIM_HOME}Tivoli Identity Manager D1!20?<
{WAS_HOME}WebSphere Application Server D1!20?<
{WAS_NDM_HOME}WebSphere Application Server xg?p D1!20?<
viii IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z 1 B i\
>VahvgNZ%;~qwr:/dCO20"u=dCMi$ Tivoli Identity
Manager ~qw#k9Ckz53ODYw53M Web &CLr`T&D20D5#
Kb9P;>6Tivoli Identity Manager ~qw208O7(kT9C WebSphere D
UNIX)#
20M*<9C Tivoli Identity Manager ~qwDw*=hy]20GkT%;~qw
9GkT:/dCT0Gq9C.0QfZD WebSphere Application ServerxPy;,#
E(xT,b)=h|(:
1. gZ 3 3DZ 2 B, :dCEv;Pyv,7(zDdCG%;~qwD9Gh*
;v|_luTD:/r&\TD:/bv=8#
2. gZ 11 3DZ 3 B, :}]bdC;Pyv,20MdC}]b#
3. gZ 21 3DZ 4 B, :?<~qwdC;Pyv,20MdC?<~qw#
4. TZ%;~qwdC,gZ 29 3DZ 5 B, :%;~qw20:Tivoli Identity
Manager ~qw;Pyv,20 Tivoli Identity Manager ~qw#
5. TZ:/dC,4PTB=h:
v gZ 99 3D=< C, :<8 WebSphere 73;Pyv,20"dCX8
WebSphere Application Server 'V#
v gZ 57 3DZ 6 B, ::/20:Tivoli Identity Manager ~qw;Pyv,4
(:/"20 Tivoli Identity Manager ~qw#
":T:/dC,zXkV/20XhD^)|#
2~Mm~hs
PXm~M2~*sDPm,kNDZ 95 3D=< B, :kT Windows Dm~M2~
*s;#
z7bL
Tivoli Identity Manager ~qwz7T;5PbL(CD)*XeD==a)#*0sq
C CD =fDoz,kk IBM 'V*5# PX CD 0dZ]DPm,kND Z 89
3D=< A, :bL;#
© Copyright IBM Corp. 2003 1
2 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z 2 B dCEv
WebSphere Application Server 73PD Tivoli Identity Manager ~qwGT%;~q
wdCr:/dCi/D#>ZTb=VdCxPKr*R_6Dhv,"EvK|
GD5V3r#sxBZ|_eXhvK5V}L#
":
1. >BPDy>dC*sZ4P20kdC>z7D=h05);)$HDF.n
/#PXd|hvgNf.Tzcz5qhsDD5,kkM'zm*5#
2. PX WebSphere Application Server z7Dd|E",kNDZZ vi 3D:X8m
~z7vfo;P}CD=SD5#
3. Tivoli Identity Manager 9CDs`}Pd~<h*^)|#PX|`E",kND
Z 95 3D=< B, :kT Windows Dm~M2~*s;#
WebSphere Application Server uo
TBuohvK WebSphere Application Server dCPD*X:
%* ?p\mw\mD\mr#%*G'V WebSphere Application Server V<=7
3P+2\mn/DZc_-Vi#%*IP;vr`v:/#
Zc ZcGomFczOD;vr`v&CLr~qwD_-i#Zc{Z%*Z
G(;D#Zc{(#kFczDwz{Gj+`,D#2MG5,Zc(#
T&ZP(; IP X7DomFcz53#
&CLr~qw
&CLr~qwG WebSphere Dw*i~#~qwKP Java ibz,Sx*
&CLrzka)KP173#&CLr~qwa)(EtCX( Java &CL
ri~4PD]w#
xg?p\mw
CZa)/P\mS<"XF WebSphere Application Server V<=%*PDy
P*X|(:/\mD\m}L#xg?p\mw:p?;ZcODbZ]#
xg?p\mw(}k%*D?vZcODZczmLrxL(E4\mbZ
]#
ZczmLr
ZczmLr(}k xg?p\mwxP(E4\mZcO WebSphere
Application Server DyP\\xL,Sx-w"9dC,=#ZczmLrz
m xg?p\mw4P\mYw#ZczmLrm>\m%*PDZc#Zc
zmLrk WebSphere Application Server Base ;p20,+1=ZcmS=
xg?p73PD%*sEGXhD#
:/ ;vr`v&\`,D&CLr~qwxLD_-Vi#:/a)r%D?
p"dC"$w:X=bT0XK_`#:/Gw*%v53;p$wD`v
~qwD/O,CT7#4Pt*NqD&CLrMJ4TM'z#VIC#
:/a)IluT#PX|`E",kNDM''VI\a)Dd|hvZ
WebSphere Application Server V<=73P("91M.=:/DD5#
© Copyright IBM Corp. 2003 3
:/I1
:/P WebSphere Application Server D5}#
WebSphere Web ~qwe~
WebSphere Web ~qwe~G20= HTTP ~qwD;vi~,C4Z:/
PSU+kDks"+|G+d=J1D Web ]w#plugin-cfg.xml D~\
me~DP*#e~Jm Web ~qw+PX/,Z](g servlet)Dks+
M=&CLr~qw#
%;~qwdC
%;~qwdCITZ;(omFczO20 WebSphere Application Server Base Md
|yhD&CLr#Tivoli Identity Manager ~qw,1a)C'gfM$ww&m#
Z;(FczOxPdC_PTB*s:
v ;vCZf"BqE"D}]b
v ;v?<~qw
v WebSphere Application Server Base
v Tivoli Identity Manager ~qw
v ;vq IBM HTTP Server M WebSphere Web ~qwe~D HTTP ~qw#PX
WebSphere Web ~qwe~Dy>(e,kNDZ 3 3D:WebSphere Application
Server uo;#PXdC WebSphere Web ~qwe~D|`E",kNDZ 113 3
D:dC HTTP ~qwD8C=(;#
< 1. ;(omFczOD%;~qwdC
4 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
r_,zIZ;(omFczO20 WebSphere Application Server Base M Tivoli
Identity Manager ~qwD5},;sZ;(r`(d|FczO20yPd|h*D&
CLr#
":PXZQ20K WebSphere Application Server D,;(FczO20 IBM Directory
Server V5.1 yhDd|V/dC=h,kNDZ 25 3D:Z,;(FczO9C
V5.1 M WebSphere Application Server;#
20P Tivoli Identity Manager ~qwDFcz_PTB*s:
v WebSphere Application Server Base
v JDBC }/Lr(}]bM'z)
=SFcz_PTB*s:
v ;vCZf"BqE"D}]b
v ;v?<~qw
v ;vq IBM HTTP Server M WebSphere Web ~qwe~D HTTP ~qw#
PX|`E",kNDZ 29 3DZ 5 B, :%;~qw20:Tivoli Identity Manager
~qw;#
Tivoli Identity Manager :/dC
Tivoli Identity Manager :/dC45wTBZ].;:
v Z 6 3D:%;:/dC;
v Z 7 3D:&\:/dC;
PXdC:/D|`E",kNDZ 59 3D:9C xg?p\mw4(:/;#PX
"Pf6pM^)|f6DE",kNDZ 95 3D=< B, :kT Windows Dm~M
2~*s;#
< 2. `(omFczOD%;~qwdC
Z 2 B dCEv 5
":
1. TBe<P,?;rMzm;(omFczOD;v WebSphere Zc#(i;(F
czOv(";vZc#
2. g{ZQ20K WebSphere Application Server D,;FczO20 IBM Directory
Server V5.1,kNDZ 25 3D:Z,;(FczO9C V5.1 M WebSphere
Application Server;,TKbyhDd|V/dC=h#
Tivoli Identity Manager ~qwc
Tivoli Identity Manager ~qwa)DcG&\D;vS/,ng&mC'gfn/D&
\r&m$wwn/D&\#Tivoli Identity Manager ~qwIw*`c~qw420,
Sx9zZ&\:/dCP+?ca)D&\Vd=;,D:/#
Tivoli Identity Manager ~qwa)TBwc:
C'gf(UI)a)C'gf&m&\,|(I9wV;,C'&m Tivoli Identity Manager ~
qwya)D&\DwVT0Mm%#PXC'gfDE",kND Tivoli
Identity Manager Policy and Organization Administration Guide#
$ww(WF)
a)$ww&m&\#
$wwGz<"\xr"Mks*sjID}L#PX$ww&mDE",k
ND Tivoli Identity Manager Policy and Organization Administration Guide#
20!n|(TBZ]:
v %;~qw
v %;:/r&\:/:Z%;:/20}LP,=cy20Z:/I1D?v&C
Lr~qwO#?;:/I1D&\H,k Tivoli Identity Manager %;~qwD&
\#
Z&\:/P,C'gf(UI)c20Z;:/P,$ww(WF)c20Zm;:
/P#K=:/D[O&\H, Tivoli Identity Manager DyP&\#
%;:/dC
%;:/dC8(;i WebSphere &CLr~qw#Tivoli Identity Manager C'gf
cM$wwc<KPZ:/P?vZc`,D WebSphere Application Server O#Kd
CZ;(FczO8( xg?p\mw#`BD&CLrdCZd|FczO#
6 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
TBhvKKdC:
v Z20P xg?p\mwDFczO,20TBwn:
– WebSphere xg?p\mw
– JDBC }/Lr(}]bM'z)
v Z?(:/I1O,20TBwn:
– WebSphere Application Server
– Tivoli Identity Manager ~qw. ZKdCP20D Tivoli Identity Manager ~q
wa)iODC'gfM$wwc#
– JDBC }/Lr(}]bM'z)
v Z;(r`(;Z:/PD=SFczO,20TBwn:
– ;vCZf"BqE"D}]b
– ;v?<~qw
– ;vq IBM HTTP Server M WebSphere Web ~qwe~D HTTP ~qw#P
XK~qwD|`E",kND IBM HTTP Server a)DD5#PX WebSphere
Web ~qwe~Dy>(e,kNDZ 3 3D:WebSphere Application Server u
o;#PXdC WebSphere Web ~qwe~D|`E",kNDZ 113 3D:d
C HTTP ~qwD8C=(;#
&\:/dC
&\:/dC+ xg?p\mwECZ;(FczO#`BD&CLrZd|FczO
D;,:/PdC#Tivoli Identity Manager ~qw UI cZ;:/DZcOdC,WF
cZd|%@:/DZcOdC#
< 3. `(omFczOD%;:/dC
Z 2 B dCEv 7
TBhvKKdC:
v Z20P xg?p\mwDFczO,20TBwn:
– WebSphere xg?p\mw
– JDBC }/Lr(}]bM'z)
v Z?v:/D?vI1O,20TBwn:
– WebSphere Application Server
– Tivoli Identity Manager ~qw
ZC'gf:/P,Tivoli Identity Manager ~qwD5}va)C'gf&m#
Z$ww:/P,Tivoli Identity Manager ~qw5}va)$ww&m#
– JDBC }/Lr(}]bM'z)
v Z;(r`(;Z:/PD=SFczO,20TBwn:
– ;vCZf"BqE"D}]b
– ;v?<~qw
– IBM HTTP Server M WebSphere Web ~qwe~
Java {"~qMd|~qwxL
d|~qwxLKPZ WebSphere Application Server 73P,nga) WebSphere 6
k={"+]'VD Java {"~q(F* jmsserver xL,2F* JMS ~qw)#
< 4. &\:/dC
8 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
":*9 Tivoli Identity Manager \kd|&CLr;;E"SxT{"N="MMS
U}],WebSphere 6k={"+]'VGXhD#XZ|`E",kNDhv
WebSphere 6k={"+]'Vr WebSphere MQ D WebSphere Application Server
D5#
9C Tivoli Identity Manager 1D WebSphere 73^F
*Z WebSphere 73PnP'X9C Tivoli Identity Manager,kqXTB^F:
v Tivoli Identity Manager Y(:/kYw53G,`D#*\b2+(EM$idC
=fDJb,(izZ Tivoli Identity Manager :/Z;*9C`VYw53#
v Z&\:/P,k;*SC'gf+:/I1k$ww:/ECZ,;FczO#
v g{Z,;FczPP WebSphere Application Server D`v5},rb)5}.;
D~qwEI\G Tivoli Identity Manager :/I1#
v WebSphere Application Server JmzZ,;FczO,120 xg?p\mwM:
/I1#k7#KFczPyhDZf]?"YHMzcnb0kDICUd#
Z 2 B dCEv 9
10 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z 3 B }]bdC
>BhvgNdCk Tivoli Identity Manager ~qw;p9CD}]b#PX\'VD
}]b"PfMXh9!D|`E",kNDZ 95 3D=< B, :kT Windows Dm
~M2~*s;#PX IBM DB2 D|`E",kND
http://www.ibm.com/software/data/db2/udb/support.html ODICD5#
":
1. >BPhvD IBM DB2 hCGu=hC,h*ZKP1xPw{#
2. >B+ IBM DB2 KP1M'zF*`M 2 Java }]b,S}/Lr#ZsxB
ZP,CuoF* JDBC }/Lr#
>ZhvTBZ]:
v :IBM DB2 dC;
v Z 15 3D:Tivoli Identity Manager D Oracle 20MdC;
v Z 20 3D:SQL Server 2000 dC;
IBM DB2 dC
zXkT Administrator m]G<= IBM DB2 ~qw4jITB=h:
v :7#(EkdC~qw;
v Z 14 3D:dC IBM DB2 JDBC }/Lr;
7#(EkdC~qw
*<8 IBM DB2 ~qw,k4PTB=h:
v :7# TCP/IP (E;
v Z 12 3D:dC IBM DB2 ~qw;
7# TCP/IP (E
Zz*<0,k7O IBM DB2 ~qwOD TCP/IP (E#k4PTB=h:
":b)=hYhdCP9C`(Fcz,dP;(0P IBM DB2 ~qw#g{}]
bk IBM DB2 ~qwZ,;FczO,r;h*dC TCP/IP (E#
1. (}%w*< –> KP"dk db2cmdr*;v IBM DB2 |n0Z#
2. Z DB2 |n0ZPKPTB|n:
db2set -all DB2COMM
3. g{3 tcpip u?(m> TCP/IP (E)4Z db2set -allDB2COMM |n5XD
PmP,kKPTB|n,dP*|( tcpip MIC|na)DPmPy5XDy
Pd|5#
db2set DB2COMM=tcpip,<values_from_db2set_command>
}g,g{ db2set -all DB2COMM |nZPmP5XKng npipe M ipxspx D
5,k1zZ~NKP db2set |n1YN8(b)5:
© Copyright IBM Corp. 2003 11
db2set DB2COMM=tcpip,npipe,ipxspx
dC IBM DB2 ~qw
*dC~qw,k4PTB=h:
1. * Tivoli Identity Manager 4(;v{FHg* itimdb D}]b,"4(;v{
F* enrolebp D:eX#
":zITT}]b{F8(Nb{F#:eXD{FXk* enrolebp#
a. (}%w*< –> KP"dk db2cmdr*;v IBM DB2 |n0Z#
b. Z|n0ZP,4Pb)|n4(}]b:
db2 create db itimdb using codeset UTF-8 territory USdb2 update db cfg for itimdb using applheapsz heapvaluedb2 update db cfg for itimdb using app_ctl_heap_sz 512
dP heapvalue GT'VZ*%;zm 4K 3}?D{},ng 1024#
":<G=d|&CLrTZfDhs,k+ applheapsz hC*|FZ0P}]
bDFczPD5JZf5.;kD5#
c. *5}dC~q{,TcCJ6L JDBC }/Lr#}g,dkTBZ]:
db2 update dbm cfg using svcename <service_name>
dP <service_name> G;vng DB2_db2inst1 D5#
d. k7#rTBD~mSOJD~q{F:
v UNIX:/etc/services
v Windows:%SYSTEMROOT%\system32\drivers\etc\services
}g,dkTBZ]:
db2 get dbm cfg
5IkTB5`F:
v DB2_db2inst1: 50000/tcp
v DB2_db2inst1i: 50001/tcp
53+*szdkk~q{FT&DKZE#
e. dkTB|n7O,S#g{,SI&,+5XTB}]b,SE":
db2 connect to itimdb
f. 4(:eX:
db2 create bufferpool enrolebp size -1 pagesize 32k
2. k7#QChC DB2_RR_TO_RS=YES r*0IX4A1tT#k4PTB=h:
a. dkTB|n:
db2set -all
b. liX&T7# DB2_RR_TO_RS=YES fZ#
c. g{4R=Cu?,kdkTB|n+5hC* YES:
db2set DB2_RR_TO_RS=YES
d. XBdkTB|nTi$ChCVZGqQfZ:
db2set -all
12 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
3. XBt/ IBM DB2#
db2stop# (Note: Do a "db2 force application all" if entering db2stop fails)db2start
Z IBM DB2 ~qwO4({F* enrole DC'
Z IBM DB2 ~qwO,4({F* enrole DC'#k4PTB=h:
v Z AIX O,T root m]4PTB=h:
1. 9C smit r smitty t/53\m$_#
2. !q2+TkC' –> C' –> mSC'#
3. Z0C'{1VNP,dk enrole#
4. 4 Enter |4(C'"5X=0C'1A;#
5. !q|DC'\k#
6. a>dkC'{1,dkz(eD5,ng enrole#zVZQx enrole C'j6
8(K enrole \k#
7. Za>|DC'\k1,kdkzT0*}]bC'(eD\k#
8. Kv53\m$_#
9. bTC'CJ(#(} Telnet ==CJ IBM DB2 ~qwKPyZDFcz#k
7#zICBDC'j6G<";a*szXh\k#
v Z Solaris O,kT root m]4PTB=h:
1. t/ admintool#
2. ZNq8P%w/@ –> C'#
3. %w`- –> mS#
4. Z0mSC'1T0rD0C'{1VNP,dk enrole#Z0\k!q1K%
O,!q}#\k#
5. Z0hCC'\k1T0rP,dk\k"xPi$#%w7(#
6. +0w?<1VNPD76hC*ng /export/home/enrole D76#%w7(#
7. ZNq8O%wD~ –> KvxKv#
8. bTC'CJ(#(} Telnet ==CJ IBM DB2 ~qwKPyZDFcz#k
7#zICBDC'j6G<"^hXh\k#
v Z Windows 2000 O,T Administrator m]4PTB=h:
1. (}%w*< –> hC –> XFfe –> \m$_ –> Fcz\mCJFcz\
m$_#
2. %w>XC'Mi –> C'#
":enrole C';hmS=NNiP#
3. !qYw –> BC'#
4. Z0C'{1VNP,dk enrole#
5. Z0\k1VNP,dk}]bC'D\k#
6. e}C'ZBNG<1Xk|D\k!n#
7. !P\k@;}Z4!r#
8. %w4(#
Z 3 B }]bdC 13
Z:/PD?(FczO4({F* enrole DC'
Z+I* Tivoli Identity Manager :/.;?VD?(FczO4({F* enrole D
C'#KC';hXbX(#k7#ZBNG<1^h^D\k,R\k@;}Z#
dC IBM DB2 JDBC }/Lr
IBM DB2 h*9C`M 2 Java }]b,S}/Lr(JDBC }/Lr)w*}]bM
'z#C JDBC }/LrCZ+yZ Java D&CLr,S=KPZ,;FczrKP
Z6LzwD IBM DB2 }]b#Z Tivoli Identity Manager :/?pP,JDBC }/
Lr9yP Tivoli Identity Manager ~qw\k}]4(E"2mE"#PX|`E",
kND IBM DB2 D5#
":
1. IBM DB2 z720D JDBC }/LrF* IBM DB2 KP1M'z#
2. *7#}]b,S}7ME= Intel =(,k9C TCP WSV#;*9C|{\@
w* IBM DB2 M'zOD,S=(#|{\@=(T,S}?P^F,a}p
Tivoli Identity Manager }]bms#
Yh?jFczO420 IBM DB2,rzXkZTB?jzwO20MdC JDBC }
/LrT0XhD^)|#PX|`E",kNDZ 95 3D=< B, :kT Windows
Dm~M2~*s;#
v 0Pxg?p\mwDFcz
v z#{20 Tivoli Identity Manager ~qwD?v:/I1
v Z0P%;~qwDFczO(dP IBM DB2 G6LD}]b)#
Z?v?jzwO,k4PTB=h:
1. 20"dC JDBC }/LrMXhD^)|#
2. (}I!TB=hT}]b`F?<:
a. r* IBM DB2 |n0Z#
%w*< –> KP"dk db2cmd#
b. ZM'zOD|n0ZP,Z;PP4PK|n:
db2 catalog tcpip node db2node_hostname remote db2server_hostnameserver service-name|portnumber
dP:
node db2node_hostname
+;`?DZcD>Xp{#|G}]b$tDFczDwz{#KC
'(eD5zmZ? IBM DB2 Zc{#
remote db2server_hostname
IBM DB2 $tDZcDwz{#wz{G TCP/IP xgQ*DZcD{
F#}g,{F* db2server2host#
server service-name|portnumber
8(~qw}]b\mw5}D~q{FrKZE#IBM DB2 KZED
1 ! 5 * 5 0 0 0 0 # k Z I B M D B 2 ~ q w $ t D F c z P D
%SYSTEMROOT%\system32\drivers\etc\services D~PR=10KZE#
M'zk~qwODKZEXk`%d#g;vKZEQ;8(,rZ
>X TCP/IP servicesD~P^h8(~q{F#
14 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
c. dkTB|n`F}]b?<:
db2 catalog database itimdb as itimdb at node db2node_hostname
3. *bT`?GqI&,kdkTB|n:
db2 connect to itimdb
* JDBC `M 2 }/LrdC IBM DB2 V7.1 M V7.2
":IBM DB2 Fix Pack 3 a9 IBM DB2 V7.1 (F= V7.2#PX10XhD^)|
D|`E",kNDZ 95 3D=< B, :kT Windows Dm~M2~*s;#
TZ IBM DB2 V7.1 M V7.2,zXkV/dC JDBC `M 2 }/Lr#kZ IBM
DB2 ~qwO4PTB=h:
1. k7#zQT IBM DB2 Administrator m]G<#
2. 4TB=hdC IBM DB2 T9C JDBC `M 2 }/Lr:
a. #9yP IBM DB2 ~q#
b. t/ Windows |na>{"KP <IBM DB2 install
directory>\java12\usejdbc2.bat
dP <IBM DB2 install directory> f;*z20 IBM DB2 D?<#
c. XBt/yPD IBM DB2 ~q#
>}:)9 DB2 D5
TBG* IBM DB2 hC|s5D;v}S:
db2 update database configuration for itimdb using dbheap 1200db2 update database configuration for itimdb using applheapsz 2048db2 update database configuration for itimdb using maxappls 60db2 update database configuration for itimdb using app_ctl_heap_sz 1024db2 alter bufferpool ibmdefaultbp size 14750db2 alter bufferpool enrolebp size 13240
g{ applheapsz D5+!,10ks?DC'1,I\a"zZf;;Dms#}g,
U>D~I\|,TBod:
^c;ICDf"?4&m sql od#
*a)nbDf"Ud,k+ IBM DB2 &CLrQs!|D*;v|sD5#
su - db2inst1db2 force applications alldb2stopdb2 terminatedb2 update db cfg for itimdb using applheapsz 2048db2start
":Z Windows O,r*;v db2cmd 0Zdk|n#
Tivoli Identity Manager D Oracle 20MdC
>ZhvZ Tivoli Identity Manager r\Z20 Oracle D200}LM20sdC=
h#
ZyPivB,*Kbj{E",kND Oracle 8i Installation Guide#
Z 3 B }]bdC 15
":20 Oracle 1,zXk+ JServer !nw*20D;?V|,ZZ#g{!qd
M Oracle 20,r JServer +|,ZZ#g{!q4PT(e Oracle 20,k7
#!q JServer w*20!n#
Z AIX O<820 OracleZ AIX 53P20 Oracle .0,kjITB}L:
1. T root m]G<= AIX 53#
2. 7# AIX 5320KTBD~/:
v bos.adt.base
v bos.adt.libm
Oracle z720k>Xb4SE\4( Oracle I4PD~#;PD~/,4S+
'\"R Oracle ^(20r}#KP#zITS AIX *"_$_d CD 20b
)D~/#
3. i$zD53zcr,}TB?<DICELUd*s:
v /usr:3 GB
v /var:300 MB
v /tmp:2 GB
TZ AIX,1! Oracle 20?<* /usr#
":
1. *7(ELUdDICT,kdkTB|n:
df - Ivk
dv5T 1024 vVZ*%;#
2. *9C SMIT r SMITTY |D /usr r /var ?<Ds!,k/@TB0Z:
53f"\m –> D~53 –> mS/|D/T>/>}D~53 –> U>D
~53 –> |D/T>U>D~53DXw –> /usr –> D~53Ds!(T
512 vVZDi*%;)#
4. g{ CD-ROM D~53P;fZ,k9C SMITTY 5CLr4(;v:
a. SXF(r|nPdk $ mkdir /cdrom#
b. SXF(r|nPdk $ smitty crcdrfs#
K1+T>TBK%:
mS CDROM D~53ZdkVNPdkr!q5#ZwKyPZ{D|Ds4 Enter |#
[dkVN]* h8{ +* 20c []Z53XBt/1T/20p? q +
c. (}4 F4"!q}/w"4 Enter |!q;v CD-ROM }/w#
d. YNcw Enter |,4(D~53#4(|njI1,4 F10 Kv SMITTY#
e. 9CTB|n20 cdrom ?<:
mount /cdrom
5. 4(T Oracle }]b9CD20c:
16 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
$ mkdir /u01$ mkdir /u02
6. hC20cDmI(,9C Oracle C'J'\Z20}LP4k|G:
$ chmod 777 /u01$ chmod 777 /u02
7. 9C SMIT 4(=vi;;v{* dba DC'iM;v{* oper DC'i#
8. 9C SMIT 4({* oracle DBC'# *BDC'J'jITB=h#
a. +J'DwihC*z4(D dba i#
b. hCJ'Dw?<* /home/oracle#
c. hCG< shell Lr(u<Lr)* /bin/sh#
Oracle J'+KPC20Lr#KJ'XkvCZ20M,$ Oracle#
9. li /usr/lbin D~76fZ"|,Z Oracle C'J'D PATH P#(}`-
/home/oracle/.profile IThCK76#
10. (}4P CD D orainst ?<PD oratab.sh E>I4( oratab D~#
$ ./oratab.sh
11. w* oracle C'G<=53:
$ su - oracle
12. i4 oracle J'D umask hC#
$ umask
umask &ChC* 022#g{J'D umask ;PhC* 022,kCTB|nxP
hC:
$ umask 022
13. `- .profile "mSTB73d?hC:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMELIBPATH=$ORACLE_HOME/lib; export LIBPATHLD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib; export LD_LIBRARY_PATHORACLE_SID=or1; export ORACLE_SIDORACLE_TERM=vt100; export ORACLE_TERM
7# oracle C'D PATH |, $ORACLE_HOME/bin"/bin M /usr/bin#g{;
|,,r+|GmS= .profile#
14. 9CTB|nR=E*D~:
$ . ./.profile
15. KP rootpre.sh,9zw<8S /cdrom xP20:
$ ./rootpre.sh
VZzQ<8Mw,IT*<20 Oracle K#
<8Z Solaris O20 OracleZ Solaris 53P20 Oracle .0,kjITB}L:
1. T root m]G<= Solaris 53#
2. 7#*53hCDZKN}zcr,}20yhD5#XZ|`DE",kND
Oracle 8i Installation Guide#
3. 4(T Oracle }]b9CD20c:
Z 3 B }]bdC 17
$ mkdir /u01$ mkdir /u02
4. 9CTB|nSXF(t/ admintool 5CLr:
# admintool
5. Z Admintool 0ZP,%w/@ –> i# K1,0Admintool:i10Z+r*#
6. Z0Admintool:i10ZP,%w`- –> mS# K1,0Admintool:mSi1
0Z+r*#
7. 4(=vi,;vC'i{* dba,m;vC'i{* oinstall#
8. Z0Admintool:i10ZP,%w/@ –> C'# K1,0Admintool:C'10
Z+r*#
9. 9C admintool 4({* oracle DBC'#*BDC'J'jITB=h#
a. +J'DwihC*z4(D oinstall i#
b. +J'D(zihC*z4(D dba i#
c. 7#!q04(w?<1VNT_D%!4%#Z0761VNP,dk
/export/home/oracle w*C' oracle Dw?<#
d. +G< Shell LrhC* /bin/sh#
Oracle 20LrXkZKJ'BKP#KJ'+vCZ20M,$ Oracle#
10. w* oracle C'G<=53:
# su - oracle
i4 oracle J'D umask hC#
$ umask
umask &ChC* 022#g{J'D umask ;PhC* 022,kCTB|nxP
hC:
$ umask 022
mk^D .profile,Tc43|D#
11. * oracle J'mSTBwP= /export/home/oracle/.profile#
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMEORACLE_SID=or1; export ORACLE_SIDORACLE_DOC=$ORACLE_HOME/doc; export ORACLE_DOCORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data; export ORA_NLS33PATH=$ORACLE_HOME/bin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:.
g{ZQw76Ph* /usr/ucb,k7#+|PZ PATH hCPD /usr/ccs/bin
.s#
12. 9CTB|nR=E*D~:
$ . ./.profile
VZzQ<8Mw,IT*<20 Oracle K#kND`&D Oracle D5"20m~#
I&20s,k5XA>ZPDdC8>E"#
<8Z Windows P20 OracleZ Windows 53P20 Oracle .0,kjITB}L:
1. i$zD53zcr,} Oracle 8i Installation Guide PkTz*4PD20`M
yPD53*s#
18 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
2. Tz+Z20P9CD\m1J'G<= Windows 53#
VZzQ<8Mw,IT*<20 Oracle K#
Z20sdC Oracle*KdC Oracle,9.Z Tivoli Identity Manager r\P9C,zXkjItI20s
Nq#
1. i$ init.ora D~PfZTBwP:
compatible=8.1.0
2. 4(CZ Tivoli Identity Manager D}]b#
TBGICZ4(}]bD SQL E>y>#z&|DE>PD5,9.{OzD>
chs#
-- Create databaseCREATE DATABASE sample
CONTROLFILE REUSELOGFILE ’/u01/oracle/sample/redo01.log’ SIZE 1M REUSE,
’/u01/oracle/sample/redo02.log’ SIZE 1M REUSE,’/u01/oracle/sample/redo03.log’ SIZE 1M REUSE,’/u01/oracle/sample/redo04.log’ SIZE 1M REUSE
DATAFILE ’/u01/oracle/sample/system01.dbf’ SIZE 10M REUSEAUTOEXTEND ONNEXT 10M MAXSIZE 200M
CHARACTER SET UTF8;
-- Create another (temporary) system tablespaceCREATE ROLLBACK SEGMENT rb_temp STORAGE (INITIAL 100 k NEXT 250 k);
-- Alter temporary system tablespace online before proceedingALTER ROLLBACK SEGMENT rb_temp ONLINE;
-- Create additional tablespaces ...-- RBS: For rollback segments-- USERs: Create user sets this as the default tablespace-- TEMP: Create user sets this as the temporary tablespaceCREATE TABLESPACE rbs
DATAFILE ’/u01/oracle/sample/sample.dbf’ SIZE 5M REUSE AUTOEXTEND ONNEXT 5M MAXSIZE 150M;
CREATE TABLESPACE usersDATAFILE ’/u01/oracle/sample/users01.dbf’ SIZE 3M REUSE AUTOEXTEND ON
NEXT 5M MAXSIZE 150M;CREATE TABLESPACE temp
DATAFILE ’/u01/oracle/sample/temp01.dbf’ SIZE 2M REUSE AUTOEXTEND ONNEXT 5M MAXSIZE 150M;
-- Create rollback segments.CREATE ROLLBACK SEGMENT rb1 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb2 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb3 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb4 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;
-- Bring new rollback segments online and drop the temporary system oneALTER ROLLBACK SEGMENT rb1 ONLINE;ALTER ROLLBACK SEGMENT rb2 ONLINE;ALTER ROLLBACK SEGMENT rb3 ONLINE;ALTER ROLLBACK SEGMENT rb4 ONLINE;
ALTER ROLLBACK SEGMENT rb_temp OFFLINE;DROP ROLLBACK SEGMENT rb_temp ;
3. (}`-D~ $ORACLE_HOME/dbs/init.ora PD PROCESSES N}IT+ Oracle
,SD1!5S 50 vS= 150#
":Oracle ,S*sy];,s5aP\sD;,#ky]zD73hC,S5#
Z 3 B }]bdC 19
4. 9C alter sql |nIT+ Oracle DmUdS1!5vS=I9CDns?#
SQL> alter database datafile ’<location of DBF file>\ENROLE1_DATA_001.DBF’ resize 500mSQL> alter database datafile ’<Oracle db location of DBF file>\ENROLE1_IDX_001.DBF’resize 500m
SQL Server 2000 dC
>Zhv*k Tivoli Identity Manager ;p9Cx20 Microsoft SQL Server 2000 D
200}Lk20sdC=h#
ZyPivB,*Kbj{E",kND SQL Server 2000 20D5#
<820 SQL Server 2000Z Windows 53P20 SQL Server .0,kjITB}L:
1. k7#20nBD SQL Server 2000 service pack#
2. Zt/ SQL Server 20.0,kT\m1J'm]G<= Windows 53#
VZzQ<8Mw,IT*<20 SQL Server K#
Z20sdC SQL Server 2000*dC SQL Server 2000,9.Z Tivoli Identity Manager r\P9C,zXkjIt
I20sNq#
1. t/ MS SQL Server Enterprise Manager#
2. 7#tCKlO==DO$#
a. !q$_ –> SQL Server dCtT...
b. Z02+T1!n(P,7#!q0SQL Server M Windows1O$#
3. 4(BD}]b#
a. 9C<=w,/@= Microsoft SQL Server –> SQL Server i –> (>X)
Windows NT –> }]b#
b. R|%w}]bZc"!qB}]b#
K1+T>0}]btT10Z#
c. Z0#f1!n(O,*0{F1VNa) itimdb 5#
d. Z0}]D~1!n(P,a)TBE":
v u<D~s!(MB):20
v !P0T/v$D~14!r#
v !q0;^FD~v$1%!4%#
e. Z0BqU>1!n(P,a)TBE":
v u<D~s!(MB):20
v !P0T/v$D~14!r#
v !q0;^FD~v$1%!4%#
f. %w7(#
20 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z 4 B ?<~qwdC
>BhvgNdC?<~qw#b)=hyZby;vYh,4z.0Q-20K?
<~qw"<8dC) Tivoli Identity Manager 9CD?<~qw#
":
1. IBM Directory Server V5.1 I20;v IBM DB2 5}#k7#;*20=v IBM
DB2 5}#PX|`E",kND http://www.ibm.com/software/network/directory O
D IBM Directory Server D5#PX\'VD?<~qwD|`E",kNDZ 95
3D=< B, :kT Windows Dm~M2~*s;#
2. g.020K IBM Directory Server V5.1,dPI\aP;v4"aD WebSphere
– Express 5},Sx<B1ZDKZe;#PX|`E",kNDZ 25 3D:Z,
;(FczO9C V5.1 M WebSphere Application Server;#
k!qN<TBZ].;:
v :IBM Directory Server dC;
v Z 26 3D:Sun ONE Directory Server dC;
IBM Directory Server dC
>ZhvgNdC IBM Directory Server#
TB=h}CKb)d?:
dirserver_installdir
20 IBM Directory Server D?<#}g:
v AIX:/usr/ldap/
v Solaris:
– IBM Directory Server V4.1:/opt/IBMldapc/
– IBM Directory Server V5.1:/opt/ldap/
v Windows:c:\Program Files\IBM\ldap
cd_installdir
CD OD?<#*kTzD73R=}7D CD,kNDZ 89 3D=< A, :b
L;PD CD 1 hv#
versionspecific_slapd
v IBM Directory Server V4.1 9C slapd w*|n,"T slapd32.conf w
*D~#
v IBM Directory Server V5.1 9C ibmslapd w*|n,"T ibmslapd.conf
w*D~#
my_suffix
z* Tivoli Identity Manager s:(eDNb5,ng com#
*dC IBM Directory Server,kjITB=h:
1. Z 22 3D:* Tivoli Identity Manager 8(s:;
© Copyright IBM Corp. 2003 21
2. :* Tivoli Identity Manager dC}Cj{Te~;
3. Z 23 3D:XBt/?<~qw;
4. Z 24 3D:4( LDAP s:Ts;
* Tivoli Identity Manager 8(s:
** Tivoli Identity Manager 8(s:,kG<= IBM Directory Server 53"4P
TB=h:
1. Z`- versionspecific_slapd.conf D~.0k#9 IBM Directory Server#Zu</
}LP IBM Directory Server +A!CD~,"Z IBM Directory Server U91f
;CD~#
2. `-TBD~:
v UNIX:<dirserver_installdir>/etc/versionspecific_slapd.conf
v Windows:<dirserver_installdir>\etc\versionspecific_slapd.conf
3. R=gBP:ibm-slapdSuffix: cn=localhost
4. ZCPBmSgBP:ibm-slapdSuffix: dc=my_suffix
dP my_suffix Gz* Tivoli Identity Manager (eDs:5#
5. PXdCDB;v=h,kND:* Tivoli Identity Manager dC}Cj{Te
~;#
* Tivoli Identity Manager dC}Cj{Te~
zITZ20 Tivoli Identity Manager .0r.sdC}Cj{Te~#
*iRJCZzD73DD~,kQwZ 89 3D=< A, :bL;PyvD CD 2 #
kR=TB?<:
v AIX:DelRef/aix/
v SUN:DelRef/sun/
v Windows:DelRef\nt\
kR=`&D~:
v libdelref
Tivoli Identity Manager D}Cj{Te~bD~
v timdelref
Tivoli Identity Manager dCD~
*dC}Cj{Te~,k4PTB=h:
1. S CD 2 P4FTB Tivoli Identity Manager e~bD~:
v AIX:libdelref.a
v Solaris:libdelref.so
v Windows:libdelref.dll
=TB?<~qw?<P:
v UNIX:<dirserver_installdir>/lib
v Windows:<dirserver_installdir>\bin
22 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
2. SOJD CD ?<4F{F* timdelref.conf D Tivoli Identity Manager dCD
~=TB?<~qw?<P:
v UNIX:<dirserver_installdir>/etc
v Windows:<dirserver_installdir>\etc
3. ^DTB?<~qwD~:
v UNIX:<dirserver_installdir>/etc/versionspecific_slapd.conf
v Windows:<dirserver_installdir>\etc\versionspecific_slapd.conf
4PTB=h:
a. ZCD~PQwKP:
ibm-slapdPlugin: database path_to_rdbmfilename rdbm_backend_init
dP path_to_rdbmfilename D5*:
v AIX:/lib/libback-rdbm.a
v Solaris:/lib/libback-rdbm.so
v Windows:/bin/libback-rdbm.dll
b. ZtSOvP.sD;PPmSTBZ]:
v AIX:
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.a DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
v Solaris:
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.so DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
v Windows:
ibm-slapdPlugin: preoperation "<dirserver_installdir>/bin/libdelref.dll"DeleteReferenceInit file="<dirserver_installdir>\etc\timdelref.conf"dn=dc=my_suffix
":*8( Windows P timdelref.dll M timdelref.conf D~D76,k
7#z+5CZ;T+}E.d#mb,kC}1\8( timdelref.dll
D~D76#
4. XBt/?<~qw#PX|`E",kND:XBt/?<~qw;#
XBt/?<~qw
*#9"XBt/ IBM Directory Server,k4PTB=h:
v Windows:dkTB|n:
net stop "IBM Directory Server version"net start "IBM Directory Server version"
dP version GTB IBM Directory Server f>.;:
– V4.1
– V5.1
r_,4PTB=h:
1. %w*< –> hC –> XFfe –> \m$_ –> ~q#
Z 4 B ?<~qwdC 23
2. R|%w0IBM Directory Server f>1#
3. Z/vK%P,%w#9;s%wt/#
4 . 7 ( } C j { T e ~ G q Q X B d C # Z
dirserver_installdir\var\versionspecific_slapd.log D~PiRkTB{"
`FD{":
PREOPERATION `MDe~QS c:/Program Files/IBM/ldap/bin/libdelref.dll PI&0k
v UNIX:
1. kdkTB|n:
ps -ef | grep versionspecific_slapd
2. k"bZOv|na{P5XDxLj6(PID)}V#
3. dkTB|naxCxL:kill <PID>
dP <PID> f;*.05XD PID 5#
4. (}X4 ps -ef | grep versionspecific_slapd |n1AxL;Pk|na
{47#CxLQax#
5. XBt/?<~qw,T7#BhCz'#dkTB|n:
versionspecific_slapd
6 . 7 ( } C j { T e ~ G q Q X B d C # Z
dirserver_installdir/var/ldap/versionspecific_slapd .log D~PiRkT
B{"`FD{":
PREOPERATION `MDe~QS /usr/ldap/lib/libdelref.a I&0k
4( LDAP s:Ts
Z* Tivoli Identity Manager 4( LDAP s:Ts.0,zXk8(s:"XBt/
?<~qw#
*4( LDAP s:Ts,k4PTB=h:
v |nP:4(;vkTBZ]`FD LDIF D~,ng suffix.ldif:
dn: dc=my_suffixdc: my_suffixobjectclass: topobjectclass: domain
9C ldapadd |nmSs:#}g,Z;PPdkTBZ]:
<dirserver_installdir>/bin/ldapadd -i <full_path_to_suffix.ldif> -D <ldap_admin>-w <ldap_admin_password>
v LDAP \mXF(:(}+Ts`D5hC*r4(s:Ts#k9CTB.;:
– IBM Directory Server V4.1:?<\m$_
– IBM Directory Server V5.1:\mXF(
}g,4TB=h9C IBM Directory Server V5.1 Web \mXF(:
1. %w?<\m –> mSu?#
2. !qrw*0a9TTs`1#%wB;=#
3. ;*mS0(zTs`1#%wB;=#
4. TZ0`T DN1,mS dc=my_suffix#
24 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
5. TZ0XhtT1,mS my_suffix#
6. %wjI#
7. %w?<\m –> \mu?#
s: dc=my_suffix &CMrDTs`;pPv#
Z,;(FczO9C V5.1 M WebSphere Application Serverg{.0 IBM Directory Server V5.1 QfZ,d20I\|(K WebSphere – Express,
xs_I\4Z?j53P"a#
gz9C Tivoli Identity Manager Z,;(FczO20 WebSphere Application Server,
20}L;alb WebSphere – Express 5}#WebSphere – Express M WebSphere
Application Server +:y,;vKZ/#Z20 Tivoli Identity Manager M WebSphere
Application Server .0,z&Ce}k WebSphere – Express DyP1ZKZe;#
WebSphere Application Server 9CTB1!KZhC:
v HTTP +d(KZ 1):9080
v HTTP +d(SSL,KZ 2):9443
v HTTP +d(KZ 3):9090
v HTTP +d(KZ 4):9043
v Bootstrap/rmi KZ:2809
v r%TsCJ-i(SOAP),SwKZ:8880
9CD>`-w+ WebSphere – Express 9CD?v1!KZ|D*;v49CDKZ#
}g,4PTB=h:
v ZTBD~P^D?v HTTP +dKZE:
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\servers\server1\server.xmldirserver_installdir\appsrv\config\cells\DefaultNode\virtualhosts.xml
C49CDKZEf;TB HTTP +dKZE:
– 9080
– 9443
– 9090
– 9043
v Bootstrap/rmi KZ:2809
R=|,KZE 2809 DP"C;v49CDKZEf;CKZE#CPZTBD~
P:
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\serverindex.xml
v SOAP ,SwKZ:8880
R=|,KZE 8880 DP"C;v49CDKZEf;CKZE#CPZTBD~
P:
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\serverindex.xml
Z 4 B ?<~qwdC 25
Sun ONE Directory Server dC
":ZTBodP,my_suffix Gz* Tivoli Identity Manager (eDNNs:5,n
g com#
*dC Sun ONE Directory Server,kjITB=h:
1. t/ iPlanet XF(#
K1+T> iPlanet XF(G<T00Z#
2. i$\m URL DKZE,dkzD\k"%w7(#
3. *rXF(wPD0?<~qw1"%wr*#
4. !q0dC1!n(#
5. R|%w0dC1!n(P?<~qwwD}]"%wB(ys:#
K1+T>04(BDys:1T00Z#
6. Z04(BDys:1T00D0Bs:1D>VNPdk dc=my_suffix#
7. Z0}]b{F1D>VNPdkZ{D}]b{F#
}g,dkTBZ]:
itimdb
8. g{T/4(X*}]b4!r4;!P,k!q|"%w7(#
K1+T>0h*7O1T00Z#
9. Z0h*7O1T00Z,%wG#
K1+YNvV?<~qwXF(#
10. !q0?<1!n(#
11. R|%w?<~qwwPD?<~qw{F#
K1+T>;v/vK%#
12. !q/vK%D0ByTs1BD dc=my_suffix#
K1+T>0BTs1T00Z#
13. !qr"%w7(#
K1+T> dc=my_suffix D0tT`-w1T00Z#
14. Z0tT`-w1T00ZP%w7(#
K1+YNvV?<~qwXF(#
15. !qNq!n("%wXBt/?<~qw#
K1,Sun ONE Directory Server QhCCK#
16. (}jITB}L,vS Tivoli Identity Manager ~qwDICZf_Y:f:
a. r*?<~qwXF("%wdC!n(#
b. Z?<wP9*0}]1Zc"%w}]bhC!n(#
c. %w LDBM e~hC!n(#
d. yZ2~DomZf,+0ns_Y:fs!1hCh*;vOJD5#
g{ Sun ONE Directory Server G@"20D,r(i+K5hC*53IC
ZfD 75%#
e. %w#f#
f. 9* Tivoli Identity Manager &CLrZc#
26 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
}g,bITG dc=com#
g. !q Tivoli Identity Manager &CLrZcPD}]bTs,"%w}]bh
C!n(#
h. yZ2~DomZf,+0ICZ_Y:fDZf1hCh*;vOJD5#
g{ Tivoli Identity Manager G9CK?<(;D&CLr,(i+K5hC
*0LDBM e~hC1!n(PyhCD0ns_Y:fs!1D 60%#
i. %w#f#
j. %wNq!n("XBt/?<~qw#
Z 4 B ?<~qwdC 27
28 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z 5 B %;~qw20:Tivoli Identity Manager ~qw
>BhvZ%;~qwdCB20MdC Tivoli Identity Manager ~qwDNq#
ZH0420 WebSphere Application Server Base DFczO,%;~qw20}L+
y]TBu~T/20TB&CLrM^)|:
v WebSphere Application Server Base
g{?j53P;fZTBNNLr,r+T/20 WebSphere Application Server Fix
Pack 2 kZ 95 3D=< B, :kT Windows Dm~M2~*s;PPvD APAR#
– WebSphere Application Server V5.0 r|Mf>
– WebSphere Application Server xg?p
v IBM HTTP Server
g IBM HTTP Server ;fZ,rfZH 1.3.26 MDf>,r+20 IBM HTTP
Server#
v WebSphere 6k={"+]'V
v Tivoli Identity Manager ~qw
":g{Q-20K WebSphere Application Server 5.0,r Tivoli Identity Manager v
20 Tivoli Identity Manager ~qw#
PXX(&CLrf>M^)|DE",kNDZ 95 3D=< B, :kT Windows D
m~M2~*s;#
20Nq|,TB=h:
v :*<0;
v Z 36 3D:20 Tivoli Identity Manager ~qw;
*<0
Zz*<.0,k4PTB=h:
v k7#TB Tivoli Identity Manager X8m~}ZKP:
m 1. X8&CLr
X8m~ PX|`E",kND
}]b Z 11 3DZ 3 B, :}]bdC;
?<~qw Z 21 3DZ 4 B, :?<~qwdC;
v k7#QzcICELUd"ibZfMd|Ud*s#PX|`E",kNDZ
95 3D=< B, :kT Windows Dm~M2~*s;#
v g{ Tivoli Identity Manager 20}L20K WebSphere Application Server,r?
j53XkzcZ 95 3D=< B, :kT Windows Dm~M2~*s;MZ 99 3
D=< C, :<8 WebSphere 73;PhvD*s#PX WebSphere *sDd|E
",kND WebSphere Application Server a)DD5#
© Copyright IBM Corp. 2003 29
v k7#z5P}7D\m(^#g;P,kq!C(^"XBt/53T$n}7
D(^#
Z Windows O,C'XkZ Administrators iP(+;G Administrator C')#
Administrators iPDC'&C5PTB(^:
– d1Yw53D;?V
– w*~qG<
*7(y!qDC'(^,k4PTB=h:
1. %w*< –> XFfe#
2. ZXFfeO,%w\m$_ –> >X2+_T –> >X_T –> C'(^8(#
3. %wOJD(^T!q|G#
v g{H0Q20K WebSphere Application Server "R0WebSphere +V2+T1Q
r*,kZ20 Tivoli Identity Manager .sjIX*DV/=h#PXG)20s
=hD|`E",kNDZ 108 3D:20 Tivoli Identity Manager .s%Zc?p
DV/=h;# PX0+V2+T1D|`E",kND WebSphere Application
Server a)DD5#
v 7(?jFczO10GqfZTBLrD5},;sI!X*D|}Yw:
– WebSphere Application Server Base M Fix Pack 2 GqQfZ?
":
1. Z20 Tivoli Identity Manager .0r.s,zXk&CZ 95 3D=< B, :k
T Windows Dm~M2~*s;PyvDXhD^)|kY1^)Lr#
2. 20Lr+lb WebSphere Application Server 5.0 T0 Fix Pack 2 GqQ
fZ#g{ WebSphere Application Server 5.0 fZ+ Fix Pack 2 ;fZ,
20}L+a>/f{",+;a20 Fix Pack 2#20}L9+lb
WebSphere Application Server xg?p Fix Pack 2#PX|`E",kND
Z 95 3D=< B, :kT Windows Dm~M2~*s;#
– WebSphere 6k={"+]'VGqQfZ?g{ WebSphere Application Server
QfZZ?j53P,20}L;ali WebSphere 6k={"+]'VGq2
fZ#ZKivB,g{ WebSphere 6k={"+]'V;fZ,kYNKP
WebSphere Application Server 20Lr420 WebSphere 6k={"+]'V#
g{ WebSphere Fix Pack 2 Q&C= WebSphere Application Server Base P,
zXkKP,;^)|T&C WebSphere 6k={"+]'VD9!#
v ki$ WebSphere Application Server Bq~qhCc;s=\&mzD5qwLD
Tivoli Identity Manager :X#PX^Db)hCDj8E",kNDZ 104 3D:d
C WebSphere Application Server Bq~qhC;#g{z;^Db)hC,9.\
&mzD5qwL:X,rksZjI.0I\,1#
v g{FczO20P`vf>D WebSphere Application Server,k7#zQbvKy
PKZJb#PX|`E",kNDZ 31 3D:bvKZJb;#
v Z*20 Tivoli Identity Manager DFcz,hCT&ZzDoT73D5T7#\
6poTq=#
v 7# WebSphere Application Server Fix Pack 2 2&CZQ20 Web ~qwDFc
z#Z20^)|0#9 Web ~qw#
":ZdCPI\PtI WebSphere Web e~,|(xP WebSphere Application
Server xg?pDFczOD WebSphere Web ~qwe~#
30 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
v jIdCDE"$wm#
bvKZJb
53I\"zTBKZJb:
v Z20 Tivoli Identity Manager .0,k7#QZTB;C* WebSphere 5.0 (e
K,; SOAP KZ:
– ZTBD~PD com.ibm.ws.scripting.port:
{WAS_HOME}\properties\wsadmin.properties
– ZTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ:
{WAS_HOME}\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
g{5;;y,k4TB=h|}KZE:
1. r* wsadmin.properties D~#
2. + com.ibm.ws.scripting.port D5|D*zZ serverindex.xml D~PR=D
5#
":g{IZ SOAP KZE;}7x9C20'\,k|}KZ8("XBKP
{ITIM_HOME}/bin/runConfig install |n#
v 20jI.s,g{ibwzKZ5k Tivoli Identity Manager h*D5;,,Tivoli
Identity Manager G<xL+'\#
Tivoli Identity Manager *sibwzKZ5* 80 M 9443#g{2+(EQtC,
+9CKZ 9443#
ZFczO20 WebSphere ~qwD5}+8( Tivoli Identity Manager $F9C
DibwzKZED}75#
+G,Z,;FczO20 WebSphere ~qwDZ~v5}(ng xg?p\m
w)+T/98(x xg?p\mwDKZEvS 1#}g,ibwzKZES 80
vS= 81,S 9443 vS= 9444#zXk+KZEXBdC* Tivoli Identity Manager
*sD}V#
*|}ibwzKZE,kCJ WebSphere \mXF("4PTB=h:
1. %w73 –> ibwz –> 1!wz –> wzp{#
2. +ibwzKZ5|D* 80 M 9443#
3. (}!qkZc,=|D,+CdC#f=wb#
4. %w|B Web ~qwe~"%w7(#
5. XBt/:/#
%;~qw20DE"$wm
Z*<20.0kU/TBE":
}]bE"
*X5}]b\m53U/TBE":
\m1j6 ______________________________
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 31
20}]b14(D\m1C'j6(db2InstanceName w*}]b5}yP
_)#}g,TBG IBM DB2 D1!5:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 11 3D:IBM DB2 dC;#
\m1\k ______________________________
\m1C'j6D\k#
}]b{F ______________________________
8( Tivoli Identity Manager ~qw,S=}]bD==#g{G>X20}
]b,r0}]b{F1GC}]bD{F#}g,0}]b{F1D5G
itimdb#g{G6L20}]b,r0}]b{F1G6L}]bD>Xp
{#PX9C catalog |n48(6L}]bD|`E",kNDZ 14 3D
:dC IBM DB2 JDBC }/Lr;#
}]b`M ______________________________
*zD539CD}]b`M#}g,}]bG IBM DB2#
}]b>$:
}]bC'
Tivoli Identity Manager ~qwCZG<=}]bDJ'#C'j6G
enrole#
":KC'j6;\|D#
C'\k
Tivoli Identity Manager ~qwCZG<=}]bDJ'\k#
IP X7 ______________________________
}]b~qwD IP X7#T IBM DB2 ;GXhD#xT Oracle M SQL
Server 2000 GXhD#
KZE ______________________________
}]b~qwDKZE#T IBM DB2 ;GXhD#xT Oracle M SQL Server
2000 GXhD#
mb,20}L9(fTB}]bXE"#}]bXE"7( Tivoli Identity Manager ~
qwITT}]br*D JDBC ,SD}?#XZ|`DE",kND Tivoli Identity
Manager Server Configuration Guide#
ky]z>cDhs@@TBw5:
u<]?
Tivoli Identity Manager ~qwITT}]br*D JDBC ,SDu<}?#
ns]?
ZNN;v1L,Tivoli Identity Manager ~qwITT}]br*D JDBC ,
SDns}?#
32 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
G<S1k}
xP,S.dD1d(Tk*%;)
?<~qwE"
kU/TBE":
wz{ ______________________________
?<~qwD+^(wz{#}g,identity1.mylab.mydomain.com#
Identity Manager DN ;C ______________________________
zZ0;C1VNPdkD5(ng dc=com)XkkzZdC LDAP 14(
Ds:(}g dc=com)`%d#PX|`E",kNDZ 21 3DZ 4 B, :?
<~qwdC;#
i/{F ______________________________
Z0zDi/{F1VNPdkD5+T>Zm` Tivoli Identity Manager <
NC'gfA;PyT>Di/<mO#K5;cGz+>HO}=D{F#
}g,i/{F* IBM +>#
":zITZKVNPdk%VZV{/(ASCII)V{r+VZV{/V
{#
1!i/L{F ______________________________
Z01!i/L{F1VNPdkD5+Z IBM Directory Server Z?CTz
mzDi/#K5;cGz+>{FDu4#}g,L{F* ibmcorp#
":Z01!i/L{F1VNP;\dk%VZV{/(ASCII)V{,n
gC"om>Dj6#
"Pf"x}? ______________________________
"Pf"xCZVI}]nTxPErri/#ky]z>cDhs@@1!
5(1)#
KZ ______________________________
?<~qw+l}DKZ,ng 389#
we DN ______________________________
we(P{FC'j6#}g,cn=root#
\k ______________________________
zZ20?<~qw14(Dwe(P{FC'j6D\k#
mb,20}L9(f Tivoli Identity Manager ~qwICJD LDAP ,SXDTB
w LDAP ,SXE"VN#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#
ky]z>cDhs@@TBw5:
nsXs!
ZNN1d LDAP ,SXDns,S}
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 33
nuDXs!
nu* LDAP ,SX4(D,SD}?
v?F}
1yP,SyZ9CDivB,?Nks,S1mS= LDAP ,SXD,SD
F}#
%;~qw20D WebSphere Application Server E"
%;~qwdCD WebSphere Application Server 20_PTBVN#PX|`E",
kNDZ 99 3D=< C, :<8 WebSphere 73;#
\m1C'j6 ______________________________
g{*20 WebSphere Application Server D0,bGXhD#bCZ4(
WebSphere Application Server M IBM HTTP Server ~q#C'j6XkPT
B(^,qr Tivoli Identity Manager 20+'\:
v d1Yw53D;?V
v w*~qG<
\m1\k ______________________________
\m1C'j6\k
$w>wz{______________________________
Z%;~qw20}LPT>D+20 WebSphere Application Server Base D
omFczDP'wz{#g{ WebSphere Application Server Base Q20,
r;T>KVN#
":g{*9C/,wzdC-i(DHCP)7(FczD IP X7,r;*9
CFczD+^(wz{#kv9CL{F#
20?< ______________________________
WebSphere Application Server Base D20?<#}g,?<* drive:\Program
Files\WebSphere\AppServer# KVNPTBu~:
v g{ Tivoli Identity Manager 20Lr20 WebSphere Application Server
Base,rKVNGXhD#
v *K7O WebSphere Application Server Base GqQ-20#
Zc{ ______________________________
C'(eDZc{(#8(*k_PL( IP wzX7DomFczDwz{`
,#
KZ ______________________________
WebSphere Application Server +l}DKZ#1!5G 9090#zXk7#KK
ZIC#g{ WebSphere Application Server Base Q20,r;T>KVN#
~qw{F ______________________________g{H0Q-20K WebSphere Application Server,rKVNa>zdk
WebSphere Application Server {F#bGZ%;~qw20}LPz?p Tivoli
Identity Manager D?j WebSphere Application Server#
2+ThC
TBVNT>Z053dC2+T1!n(O#
34 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
S\(4!r)
T Tivoli Identity Manager tTD~PD}]b"LDAP M WebSphere
Application Server \m1C'j6D\kxPS\#
&CLr~qwC'\m
9z\hCk7OTBC'D\k:
53C'
WebSphere Application Server C'j6M\k#v1r*
WebSphere +V2+T1GXhD#gZ 107 3D:WebSphere
D2+T;PyvDV/=h,KC'j6_P;vng
wasadmin D5#
EJB C'
zXkZt/20.0Q(eDC'M\k#v1r*
WebSphere +V2+T1GXhD#gZ 107 3D:WebSphere
D2+T;PyvDV/=h,KC'j6_Png itimadmin
D5#
":g{KVNvV1Q$HmCKZ],rKVNI\|,
5 wasadmin#+CVND5|D*5 itimadmin#
WebSphere 6k={"+]~qwMM'z
kU/TBE":
20?< ______________________________
bG WebSphere 6k={"+]'V D20?<#
IBM HTTP Server E"
kU/TBE":
20?< ______________________________
KVNZ%;~qw20}LPT>#KVNv1 WebSphere Application Server
k IBM HTTP Server y;201T>#bG IBM HTTP Server D20?<#
Tivoli Identity Manager E"
k"b Tivoli Identity Manager DTBE":
S\\?
\?I\GNNVrLo#\?CZS\ Tivoli Identity Manager \kMd|
tPD>#C5w* enrole.encryption.password f"Z enRole.properties
D~P#
U>G<6p
T>ZzY53ms1U>Dj8LH#(}Z0U>G<6p1VNPhC
INFO k FATAL .dD}V,53\m1\;!qU>D~Dj8LH#U
>G<6p=_,53DT\=C,r*4kU>D~DE"+=Y#
J~~qw{F
'V SMTP J~~qw#SMTP wzGJ~xX#
C'j6 ____itim manager________
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 35
Tivoli Identity Manager C'j6#20sD1!5G itim manager#G< Tivoli
Identity Manager 1k9CKC'j6#
\k ____secret______________
8(* itim manager D Tivoli Identity Manager \m1C'j6D\k#Z
20s"LvVD1!\kG secret#
":G< Tivoli Identity Manager ~qw1,53a?Fz|D\m1J'\
k#
20 Tivoli Identity Manager ~qw
TBwL<hvZ%;~qwdCP20 Tivoli Identity Manager ~qw}LPB~D
y>3r:
36 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
*Z%;~qwdCP20 Tivoli Identity Manager ~qw,kjITB=h:
1. Z 38 3D:/@nuD06-10ZM0mI10Z;
< 5. %;~qw20wL<(Windows)
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 37
2. Z 39 3D:!q20`MM20?<;
3. Z 39 3D:!q}]b;
4. Z 40 3D:jI%;~qw200Z;
5. Z 41 3D:8( WebSphere +V2+T;
6. Z 43 3D:8(S\\?"DA200**;
7. Z 44 3D:20x9Md|dCn/;
8. Z 53 3D:%;~qw20DU>M?<;
9. Z 54 3D:jI2+TdC;
10. Z 55 3D:bT Tivoli Identity Manager ~qwD(E;
/@nuD06-10ZM0mI10Z53Z20}L*<.0avV;5P6-MmI0Z#*/@b)u<0Z,k4
PTB=h:
1. G<=+*20 Tivoli Identity Manager ~qwDFcz#
":
1. zXk9C_P53\mX(DJ'G<(Administrator)#
2. Q Tivoli Identity Manager z7 CD ek= CD-ROM }/wP#**zD73R
=}7D CD,kNDZ 89 3D=< A, :bL;#
3. %w*< –> KP#
4. dkzD CD-ROM }/wL{,;sdkTB|n:
instW2K-WAS.exe
K106-10Z+r*#
":g{zDG<J';P4P instW2K-WAS.exe DmI(,zXkZhCJ'm
I(T4PKD~#
< 6. 06-10Z
38 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
5. *|DvCZ20feODoT,k%w8>0"o1DrPDrB}7"!qm
;VoT#%w7(#
":C!n;a!q Tivoli Identity Manager &CLr.sKP19CDoT|#
K10mI$-i10Z+r*#
6. DAmI$-i"7(GqS\dun#g{S\,k%wS\#%wB;=#
!q20`MM20?<
K10!q20`M10Z+r*#
k4PTB=h:
1. !q%;~qw!n,"%wB;=#
K10!q20?<10Z+r*#
2. S\1!20?< c:\itim45 r(}%w!q...4!qm;v?<#%wB;=#
!q}]bK1ar*0!q}]b`M10Z#
!qTBdP;V}]b`M"%wB;=:
v IBM DB2 (C}]b
v Oracle#PX|`E",kNDZ 15 3D:Tivoli Identity Manager D Oracle 20M
dC;#
v SQL Server 2000. PX|`E",kNDZ 20 3D:SQL Server 2000 dC;#
< 7. 0!q20`M10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 39
jI%;~qw200Zg{%;~qw20}LP4lb= WebSphere Application Server M IBM HTTP
Server,r+"zTB3r=h:
":g{20}Llb=VfD&CLr,b)=hD3r+Dd#
1. K1+vV;vksdk WebSphere Application Server"IBM HTTP Server"M
WebSphere 6k={"+]~qwMM'zy9CD20?<D0Z#
S\1!?<,r_dkzF.C420 WebSphere Application Server M IBM
HTTP Server D8C?<#Z Windows P,+vVm;vksdk WebSphere 6
k={"+]'V?<D0Z#%wB;=#
":g{lb=.0fZ}7f>D WebSphere Application Server,r+vV;v
m;0Z#g{lb=.0fZ}7f>D IBM HTTP Server,dVN;T>
ZC0ZP#
2. .s+vV;v0Z,a>dk$w>wz{"Zc{T0 WebSphere Application
Server l}DKZ#
":g{Q20 WebSphere Application Server,+vV;va>zdk WebSphere
Zc{M WebSphere Application Server {FD0Z#g{9C DHCP 7(F
czD IP X7,rk;*9CCFczD+^(wz{#kv9CL{F#}
g,identity1 GL{F,x identity1.tivlab.raleigh.ibm.com G+^({#
< 8. 0*20 WebSphere Application Server dkTB}]10Z
40 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
S\1!5rJ1^Db)5#%wB;=#
3. g{ Tivoli Identity Manager 20K WebSphere Application Server,ravVhv
WebSphere Application Server h*DX8m~Dd|0Z#k"bb)*s#%w
7(#
4. K1+vV;v*sdk Windows 2000 Administrator C'j6M\kD0Z#j
IdPDVN"%w7(#k7#CC'j6PTBC'(^:
v d1Yw53D;?V
v w*~qG<
8( WebSphere +V2+T
53+r*0WebSphere 2+T10Z#
":v1Q20 WebSphere Application Server 1ET>0WebSphere 2+T10ZM
>$0Z#
< 9. 020 WebSphere Application Server Base D}]10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 41
g{0WebSphere +V2+T1Qr*,k%wtC WebSphere 2+T#
K1+vVm;v0Z,*sz8( WebSphere Application Server C'j6M\k#
bGZ 107 3D:WebSphere D2+T;PDV/=hyhvD wasadmin C'j6#
ka)C'j6M\k"%wB;=#
< 10. 0WebSphere 2+T10Z
< 11. 0WebSphere \m1>$10Z
42 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
8(S\\?"DA200**
08(S\\?10Zr*s+vV20**0Z#
1. ka);vS\\?,|I*NNVrLo#\?CZS\ Tivoli Identity Manager
\kMd|tPD>#C5w* enrole.encryption.password f"Z
enRole.properties D~P#%wB;=#
K1+r*0200**10Z,dPPv*20Di~"yhDICELUdT
020?<,ng c:\itim45#
2. ZLx0k7#yhELUdIC,"%w20#
g{ Tivoli Identity Manager 20K WebSphere Application Server,rZ;N1d
dts+T>;v0Z,ksdk|, WebSphere Application Server 20~xFD
~D?<#
3. 8(20D~D;C(kT Windows,* mount_point\nt)"%wB;=:
Z20*s9CD1ddtP+r*;5PD20x90Z#ZyhJ4*snM
DFczO,1ddtDwCa\Tx#
< 12. 08(S\\?10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 43
20x9Md|dCn/
20}LZ;N1dZ20 Tivoli Identity Manager ~qw#20.s,aT/r*d
|0Z:
1. :Tivoli Identity Manager }]bDu<dC;
2. Z 45 3D:Tivoli Identity Manager ?<Du<dC;
3. Z 46 3D:Tivoli Identity Manager Du<dC;
Tivoli Identity Manager }]bDu<dC
53ar*;v}]bdC0Z,zIxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
KdCn/+dCtTD~"Z Tivoli Identity Manager }]bP("m#
k4PTB=h:
1. 1 Tivoli Identity Manager0}]bdC10Zr*1,kdkOJD5#
< 13. 20x90Z
44 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
":g{z*9C Oracle w*zD}]b,rXkZLx4P IBM Tivoli Identity
Manager0}]bdC10Z.0,+ Oracle JDBC }/Lr4F=
<ITIM_HOME>/lib ? < T 0 W e b S p h e r e A p p l i c a t i o n S e r v e r D
{WAS_HOME}/installedApps/enrole.ear ?<P#zIZZ 89 3D=< A, :b
L;PyvD9d CD OR= Oracle JDBC }/LrD1>(Z{*
classes12.zip DD~P)#
2. * Tivoli Identity Manager 9CD}]bjI}]bdCVN#g{}]bG IBM
DB2,r0IP X71M0KZE1VNGRtD#Td|}]bb)VNGXhD#
}g,0}]b{F1r0p{1ITGng itimdb Du?#0\m1j61VN
D5GTB5PD;v:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 12 3D:dC IBM DB2 ~qw;#
3. %wbT#1}]bbTI&1,0}]bdC10ZPD0C'j61M0C'
\k1VN+d*n/4,#
4. *b)VNdkOJD5,"%wLx#
Tivoli Identity Manager ?<Du<dC
53+r*;v?<~qwdC0Z,zITxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
< 14. 0}]bdC10Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 45
kdkOJD5xP?<~qwDu<dC,Tc6p Tivoli Identity Manager#
k4PTB=h:
1. Zwv LDAP ~qwE"VNPdk5#}g,0wz{1VND5GKP?<~
qwDFczD+^(wz{#
2. %wbT#1,S?<~qwDbTI&1,Identity Manager ?<E"?VDVN
+d*n/4,#
3. (}8( Tivoli Identity Manager Ds:,0Identity Manager DN ;C1D5G
dc=my_suffix#PX|`E",kNDZ 22 3D:* Tivoli Identity Manager 8(
s:;#4ivjIb)VN"%wLx#
Tivoli Identity Manager Du<dC
TZyP20`M,k9C Tivoli Identity Manager ~qwa)D053dC10Z|
D}]b~qw"?<~qwMd|~qD5:
1. 0#f1!n(G;5PCZdC Tivoli Identity Manager ~qwD053dC1
!n(PDZ;v#
< 15. 0?<dC10Z
46 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
0#f1!n(PDVN5+;$nd#PXb)VND|`E",kND Tivoli
Identity Manager Server Configuration Guide PD53dCE"#
2. %w0?<1!n(#
K1+r*0?<1!n(0Z#
< 16. 0#f1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 47
X*1,k^D?<~qwDE"#g{K20GZ:/I1OxPD,rKE
"Xkk.0* xg?p\mw8(D LDAP E"`%d#
3. %w}]b!n(#
K1+r*0}]b1!n(0Z#
< 17. 0?<1!n(0Z
48 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
4. k* Tivoli Identity Manager }]ba)0}]b{F1,SE"#}g,0}]
b{F1D5I* itimdb#1!C'j6* enrole#g{C20Z:/I1Ox
PD,KE"Xkk.0* xg?p\mw8(D}]bE"`%d#
5. %wU>G<#K1+r*0U>G<1!n(0Z#
< 18. 0}]b1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 49
6. r_S\1!5 WARN,r_vZ>cT\D<G|Db)5Dj8LH#
7. %wJ~!n(#
K10J~1!n(0Z+r*#
< 19. 0U>G<1!n(0Z
50 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
8. Z0J~1!n(PdkXh5"%w7(#PXb)VND|`E",kND
Tivoli Identity Manager Server Configuration Guide#
":
1. Identity Manager ~qw URL VND5Gzm~qwD URL(}g,CZG
<= Tivoli Identity Manager D IBM HTTP Server)#
2. +0J~4T1X7|D*z>cD Tivoli Identity Manager 53\m1Dg
SJ~X7#zXk|DKX7,qrarPvDgSJ~X7"M,xJ
~#
9. %w UI#
K1+r* UI !n(0Z#
< 20. 0J~1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 51
10. r_S\ UI !n(OD1!5,r_^DUjMX7E"T8(zDi/D(F
06-1T>==M Web X7#0Pm3s!18(ZyPC'gfPT>ZP
mPDnD}?#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#%w7(#
11. %w2+T#
K102+T1!n(0Zr*#
< 21. UI !n(0Z
52 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
g{0WebSphere +V2+T1Qr*,xRQdk\m1C'j6M\k,rb
)VNa;$nd#g{0WebSphere +V2+T14r*,b)VN+*UW#
":
1. 0EJB C'1M0\k1VNDu<5G053C'1M0\k1VND5#z
I\h*^D0EJB C'1M0\k1VN#EJB C'j6D$HXkYZ 12
vV{#
2. g{zZK53dC02+T10ZP|DK EJB C'j6r EJB \kD5,
rZ20 Tivoli Identity Manager .sh*4PV/=h+2+TG+3d=
ITIM C',Sxt/ Tivoli Identity Manager#PX|`E",kNDZ 107
3D=< D, :2+T<G;#
12. %w7(TjI53dC#
13. mb,k7#d|52JZKP Tivoli Identity Manager M`X&CLr9CDd
C#
%;~qw20DU>M?<
53dCjI1,k"bTBU>;C:
m 2. 20U>D~{FM?<
D~{ ?<
dbConfig.stdoutldapConfig.stdoutitim45_installer_debug.txtrunConfig.stdout(kT:/20)runConfigTmp.stdout(Z%;~qwMxg?p\mwO)
{ITIM_HOME}\install_logs
< 22. 02+T1!n(0Z
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 53
m 2. 20U>D~{FM?< (x)
D~{ ?<
itim45_install.stdoutitim45_install.stderr
53 root
Tivoli_Identity_Manager_InstallLog.log g { 2 0 I & j I , r ? < *
{ITIM_HOME}#g{20'\,U>D~
+Z Windows @fO#
log.txtihs_log.txtmq_install.logserver1/SystemOut.logitim.log
{WAS_HOME}\logs
PX WebSphere Application Server U>D~D|`E",kND WebSphere Application
Server D5#
jI2+TdC
g{zrctC J2EE 2+T,kjITB=h:
v 20 Tivoli Identity Manager .s,kjITBV/=hTjI3d"XBt/ J2EE
2+T#PX|`E",kNDZ 108 3D:20 Tivoli Identity Manager .s%Z
c?pDV/=h;#
v k7# was.policy D~fZ#PX|`E",kNDZ 108 3D:dC was.policy
D~;#
Z20 Tivoli Identity Manager .s9C runConfig20 Tivoli Identity Manager .s,k9C runConfig |n*ngTBwVn/jI
53dC:
v |D enrole C'D\k#
v 8(\kS\"|B Tivoli Identity Manager EJB C'j6M\k#PX|`E",
kNDZ 46 3D:Tivoli Identity Manager Du<dC;PXZ053dC10ZP
D!n(Dhv#
PX9C runConfig |nD|`E",kND Tivoli Identity Manager Server
Configuration Guide#
P!qX20oT|
g{1!oT;G"o,kZ20 Tivoli Identity Manager sP!qXq!k20 Tivoli
Identity Manager ~qwDoT| CD#9C|nP==420oT|#}g,dkTB
Z]:
java –jar itimlp_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20Lr
feOvVD8>E"#
54 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java Runtime
Environment 1.3.1#
bT Tivoli Identity Manager ~qwD(E
*bT}]b"?<~qwM Tivoli Identity Manager ~qwGqQ}7dC"%`(
E,kjITB=h:
1. bT JDBC }/LrT7#|}ZKP:
a. Z*<.0,k7#}]b~qwM WebSphere Application Server }ZKP#
PXt/ WebSphere Application Server D|`E",kNDI WebSphere
Application Server a)DD5#
b. CJ WebSphere Application Server \mXF(#
c. %wJ4 –> JDBC a)Lr#!q?jZc#
d. !q~qww*6',;s!q;v?j~qww* server1,Y%w&C#
e. v/= JDBC a)LrPm"+w ITIM JDBC a)Lr#
f. v/T>DT0rTi40d|tT1#%w}]4#
g. ZT>D0}]41T0rP,%wbT,S#K1+vV;u8>bTa{
D{"#
g{bT'\,k7#zQ}7R= IBM DB2 E*D~#g{z}Z9C IBM
DB2 V7.1 r V7.2,"RCz7xPyhD^)|,k7#Zt/ WebSphere
Application Server .0Z shell PKPK usejdbc2 shell E>#YNbT,S#
g{,S;pwC,ki$ enrole C'j6M\kyQ}7dC#g{ IBM
DB2 }]bG6LD,k7#T}]b~qwMM'z&CK,; IBM DB2 ^
)|6p#
":Fix Pack 3 +Q IBM DB2 V7.1 73(F= IBM DB2 V7.2 ;cICT
6p#PX|`E",kNDZ 95 3D=< B, :kT Windows Dm~M
2~*s;#
2. %;~qw20}L+T/t/ Tivoli Identity Manager ~qw#g{~qw4Z
KP,kt/ Tivoli Identity Manager ~qwMyPX8&CLr#g{ IBM DB2
Q9C,k7#zZt/ WebSphere Application Server .0QR= IBM DB2 E
*D~#
%w*< –> Lr –> IBM WebSphere –> Application Server V5.0 –> t/
~qw#r_,zITdkTB|n:
{WAS_HOME}\bin\startServer.bat servername
}g:
{WAS_HOME}\bin\startServer.bat server1
3. G<= Tivoli Identity Manager#}g,Z/@w0ZdkTBZ]:
http://hostname/enrole
dP hostname G}ZKP Tivoli Identity Manager ~qwDFczD+^({r IP
X7#
Z 5 B %;~qw20:Tivoli Identity Manager ~qw 55
":
1. k;*Z,;M'zFczOt/=v@"D/@wa0#b=va0+;S
w;va0j6,Sxzz}]Jb#
2. g{zZ Tivoli Identity Manager 20}L20K WebSphere Application Server
M Tivoli Identity Manager s^(G<,kjITB=h:
1) H"z,;s+C'G<=53P#
2) YN"TG<= Tivoli Identity Manager#
3) g{z^(G<= Tivoli Identity Manager,kXB}<53,byI\a|
};)73hCJbM WebSphere 6k={"+]'VSPJb#
3. g{z9C%cG<&\G<"h*!q;VoT,kZ Web >cX7s7S
/language#}g,dk:
https://mysite.myco.com/itim/enrole/language
PX*zD Web /@wdC1!oTD|`E",kND Tivoli Identity Manager
Server Configuration Guide#
4. dk Tivoli Identity Manager \m1C'j6(itim manager)M\k(Z20.s
"4vV,5*0secret1)#
5. 4PX*D=h4(C'(ITIM C')#PX|`E",kND*zozr Tivoli
Identity Manager Policy and Organization Administration Guide#
PX&CKPD}LD|`E",kND Tivoli Identity Manager Server Configuration
Guide#
~qwkzmLrD(E
9Cx Tivoli Identity Manager zmLrD Tivoli Identity Manager 53h*9Czz
$iT7# Tivoli Identity Manager ~qwMzmLr.dD(E2+#
k Tivoli Identity Manager zmLrD$iT&DO$PDXkZ {ITIM_HOME}\cert
?<P#PX\'VD$i`M,kND Tivoli Identity Manager Server Configuration
Guide T0X(zmLrD208O,TKb|`E"#
":
1. k;N20;vzmLrE*D~,"Z20m;vzmLrE*D~.0jI0
;vE*D~D20#,120`vE*D~I\<B Tivoli Identity Manager ~
qw?FXB}<#
2. g{1!oT;G"o,Z20Z;v Tivoli Identity Manager zmLr0kP!
qXqCk20 Tivoli Identity Manager zmLroT| CD#Z Tivoli Identity
Manager ~qwO9C|nP==420zmLroT|:
java –jar itimlp_agents_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20
LrfeOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java
Runtime Environment 1.3.1#
56 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z 6 B :/20:Tivoli Identity Manager ~qw
>BhvgNZ:/r&\:/dCP20MdC Tivoli Identity Manager ~qw#Z
Lx.0,kNDZ 9 3D:9C Tivoli Identity Manager 1D WebSphere 73^
F;#
":
1. Z:/73P,Tivoli Identity Manager 20}L";T/20 WebSphere Application
Server#Z:/O20 Tivoli Identity Manager .0,k20"dC WebSphere i
~#
2. Z:/O20 Tivoli Identity Manager Xk43rjI,;N;(Fcz#
3. PXyhD&CLrf>M^)|DE",kNDZ 95 3D=< B, :kT Windows
Dm~M2~*s;#
20Nq|,TB=h:
v :*<0;
v Z 63 3D:20 Tivoli Identity Manager ~qw;
*<0
Zz*<.0,k4PTB=h:
v k7(z>cP$HfZD WebSphere Application Server dCGqGZ 9 3D:9
C Tivoli Identity Manager 1D WebSphere 73^F;PyPDdC.;#
v gZ 59 3D:9C xg?p\mw4(:/;MZ 100 3D:dC Tivoli Identity
Manager :/;Pyv,kjIb)=hT9l;v WebSphere Application Server
%*T0;vr`v:/#
v k7#TBwn}ZKP:
m 3. XkZKPD&CLr
X8m~ PX|`E",kND:
}]b Z 11 3DZ 3 B, :}]bdC;
?<~qw Z 21 3DZ 4 B, :?<~qwdC;
xg?p\mw Z 104 3D:7# xg?p\mwMZczmLrZ
KP;WebSphere Application Server Zczm
Lr
WebSphere Application Server JMS ~q
w
bG WebSphere 6k={"+]'V
":g{H0fZ WebSphere MQ V5.3,kNDZ 99
3D:9CVPD WebSphere MQ V5.3;#
v k7#zcICELUdMibZf?D*s#PX|`E",kNDZ 95 3D=
< B, :kT Windows Dm~M2~*s;#
v k7#z5P}7D\m(^(Administrator)#g;P,kq!C(^"XBt/
53T$n}7D(^#
© Copyright IBM Corp. 2003 57
v k7#zQbvyPKZJb#PX|`E",kND:bvKZJb;#
v Z*20 Tivoli Identity Manager DFcz,hCT&ZzDoT73D5T7#\
6poTq=#
v 7# WebSphere Application Server Fix Pack 2 2&CZQ20 Web ~qwDFc
z#Z20^)|0#9 Web ~qw#
":ZdCPI\PtI WebSphere Web e~,|(xP WebSphere Application
Server xg?pDFczOD WebSphere Web ~qwe~#
v jIdCDE"$wm#
bvKZJb
53I\"zTBKZJb:
v Z20 Tivoli Identity Manager .0,k7#QZTB;C* WebSphere 5.0 (e
K,; SOAP KZ:
– ZTBD~PD com.ibm.ws.scripting.port:
{WAS_NDM_HOME}\properties\wsadmin.properties
– ZTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ:
{WAS_NDM_HOME}\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
g{5;;y,k4TB=h|}KZE:
1. r* wsadmin.properties D~#
2. + com.ibm.ws.scripting.port D5|D*zZ serverindex.xml D~PR=D
5#
":
1. g{IZ SOAP KZE;}79C20'\,k|}KZ8("XBKP
runConfig |n#
2. g{ WebSphere Application Server xg?pM WebSphere Application Server <
20Z,;53P,k9C serverindex.xml D~P&CZ WebSphere Application
Server xg?p\mwDKZE#
v 20jI.s,g{ibwzKZ5k Tivoli Identity Manager h*D5;,,Tivoli
Identity Manager G<xL+'\#
Tivoli Identity Manager *sibwzKZ5* 80 M 9443#g{2+(EQtC,
+9CKZ 9443#
ZFczO20 WebSphere ~qwD5}+8( Tivoli Identity Manager $F9C
DibwzKZED}75#
+G,Z,;FczO20 WebSphere ~qwDZ~v5}(ng xg?p\m
w)+T/98(x xg?p\mwDKZEvS 1#}g,ibwzKZES 80
vS= 81,S 9443 vS= 9444#zXk+KZEXBdC* Tivoli Identity Manager
*sD}V#
*|}ibwzKZE,kCJ WebSphere \mXF("4PTB=h:
1. %w73 –> ibwz –> 1!wz –> wzp{#
2. +ibwzKZ5|D* 80 M 9443#
3. (}!qkZc,=|D,+CdC#f=wb#
58 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
4. %w|B Web ~qwe~"%w7(#
5. XBt/:/#
9C xg?p\mw4(:/
":PX8( WebSphere %*D|`E",kNDZ 100 3D:dC Tivoli Identity
Manager :/;#
*4(:/"C:/I1nd|,kZ*<20 Tivoli Identity Manager .09C
WebSphere \mXF(4PTB=h:
1. G<= xg?p\mw\mXF(#
2. Zs0qP,%w~qw –> :/#
3. %wB(#
K1+vV04(B:/1T0r#
4. dkB:/D{F#}g,dk ITIM_CLUSTER#
":
1. g{z*4(x`v:/D&\:/,kX4K}L"*a) Tivoli Identity
Manager C'gfcD;v:/8(:/{F,ng ITIM_UI_CLUSTER,,1*
a) Tivoli Identity Manager $wwcDm;v:/8( ITIM_WF_CLUSTER#
2. :/{FxVs!4#
":
5. %wB;=#
K1+vV04(B:/~qw1T0r#
6. YhzP}v:/I1*8(,kdk;vB:/I1D{F"!qdZc"%
w&C#
Z04(B:/~qw1T0rW?+vV:/I1Pm#kliCPm,T7
#B:/I1QmS#
7. (}dk?vB:/I1D{F"!qdZcmSd|:/I1#jImSyP
I1s,%wB;=#
K1+T>0**1T0r,dPP:/I1Pm#kliC**T7#:/I
1{FM~qw{Fy}7#
8. %wjI#
9. %w:/XK,9*z4(D:/Dw"lidI1#
10. g{C:/Q}78(,k%w:/,;s%w#f,Tc+B:/#f= xg?
p\mwwbP#PX:/P9CDbD|`E",kND WebSphere Application
Server D Redbooks ya)DE"#PX|`E",kNDZ vi 3D:X8m~z
7vfo;#
":#fdC1,!qkZc,=|D#
11. |B Web ~qwe~#*K,k%w73 –> |B Web ~qwe~ –> 7(#
:/20DE"$wm
Z*<20.0kU/TBE":
Z 6 B :/20:Tivoli Identity Manager ~qw 59
}]bE"
*X5}]b\m53U/TBE":
\m1j6 ______________________________
20}]b14(D\m1C'j6(db2InstanceName w*}]b5}yP
_)#}g,TBG IBM DB2 D1!5:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 11 3D:IBM DB2 dC;#
\m1\k ______________________________
\m1C'j6D\k#
}]b{F ______________________________
8( Tivoli Identity Manager ~qw,S=}]bD==#g{G>X20}
]b,r0}]b{F1GC}]bD{F#}g,0}]b{F1D5G
itimdb#g{G6L20}]b,r0}]b{F1G6L}]bD>Xp
{#PX9C catalog |n48(6L}]bD|`E",kNDZ 14 3D
:dC IBM DB2 JDBC }/Lr;#
}]b`M ______________________________
*zD539CD}]b`M#}g,}]bG IBM DB2#
}]b>$:
}]bC'
Tivoli Identity Manager ~qwCZG<=}]bDJ'#C'j6G
enrole#
":KC'j6;\|D#
C'\k
Tivoli Identity Manager ~qwCZG<=}]bDJ'\k#
IP X7 ______________________________
}]b~qwD IP X7#T IBM DB2 ;GXhD#xT Oracle M SQL
Server 2000 GXhD#
KZE ______________________________
}]b~qwDKZE#T IBM DB2 ;GXhD#xT Oracle M SQL Server
2000 GXhD#
mb,20}L9(fTB}]bXE"#}]bXE"7( Tivoli Identity Manager ~
qwITT}]br*D JDBC ,SD}?#XZ|`DE",kND Tivoli Identity
Manager Server Configuration Guide#
ky]z>cDhs@@TBw5:
u<]?
Tivoli Identity Manager ~qwITT}]br*D JDBC ,SDu<}?#
60 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
ns]?
ZNN;v1L,Tivoli Identity Manager ~qwITT}]br*D JDBC ,
SDns}?#
G<S1k}
xP,S.dD1d(Tk*%;)
?<~qwE"
kU/TBE":
wz{ ______________________________
?<~qwD+^(wz{#}g,identity1.mylab.mydomain.com#
Identity Manager DN ;C ______________________________
zZ0;C1VNPdkD5(ng dc=com)XkkzZdC LDAP 14(
Ds:(}g dc=com)`%d#PX|`E",kNDZ 21 3DZ 4 B, :?
<~qwdC;#
i/{F ______________________________
Z0zDi/{F1VNPdkD5+T>Zm` Tivoli Identity Manager <
NC'gfA;PyT>Di/<mO#K5;cGz+>HO}=D{F#
}g,i/{F* IBM +>#
":zITZKVNPdk%VZV{/(ASCII)V{r+VZV{/V
{#
1!i/L{F ______________________________
Z01!i/L{F1VNPdkD5+Z IBM Directory Server Z?CTz
mzDi/#K5;cGz+>{FDu4#}g,L{F* ibmcorp#
":Z01!i/L{F1VNP;\dk%VZV{/(ASCII)V{,n
gC"om>Dj6#
"Pf"x}? ______________________________
"Pf"xCZVI}]nTxPErri/#ky]z>cDhs@@1!
5(1)#
KZ ______________________________
?<~qw+l}DKZ,ng 389#
we DN ______________________________
we(P{FC'j6#}g,cn=root#
\k ______________________________
zZ20?<~qw14(Dwe(P{FC'j6D\k#
mb,20}L9(f Tivoli Identity Manager ~qwICJD LDAP ,SXDTB
w LDAP ,SXE"VN#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#
ky]z>cDhs@@TBw5:
Z 6 B :/20:Tivoli Identity Manager ~qw 61
nsXs!
ZNN1d LDAP ,SXDns,S}
nuDXs!
nu* LDAP ,SX4(D,SD}?
v?F}
1yP,SyZ9CDivB,?Nks,S1mS= LDAP ,SXD,SD
F}#
:/20D WebSphere Application Server E"
:/dCD WebSphere Application Server 20_PTBVN#PX|`E",kND
Z 100 3D:dC Tivoli Identity Manager :/;#
:/{F ______________________________zT0Z9l WebSphere Application Server %*14(D:/{F#T%v:
/k9Cng ITIM_CLUSTER D;v{F#Z&\:/P,k9Cng
ITIM_UI_CLUSTER M ITIM_WF_CLUSTER D{F#Z%;~qw20}L
P;T>KVN#
":dkD:/{FMd| WebSphere j6GxVs!4D#
20?< ______________________________
WebSphere Application Server Base D20?<#}g,Solaris 1!?<G
/opt/WebSphere/AppServer#g{Q-20K WebSphere Application Server
Base,rKVNvw*E"a>#
U>G<6p
T>ZzY53ms1U>Dj8LH#(}Z0U>G<6p1VNPhC
INFO k FATAL .dD}V,53\m1\;!qU>D~Dj8LH#U
>G<6p=_,53DT\=C,r*4kU>D~DE"+=Y#
J~~qw{F
'V SMTP J~~qw#SMTP wzGJ~xX#
2+ThC
TBVNT>Z053dC2+T1!n(O#
S\(4!r)
T Tivoli Identity Manager tTD~PD}]b"LDAP M WebSphere
Application Server \m1C'j6D\kxPS\#
&CLr~qwC'\m
9z\hCk7OTBVND\k:
53C'
WebSphere Application Server C'j6M\k#v1r*
W e b S p h e r e +V2+T1GXhD#bGZ 1 0 7 3D
:WebSphere D2+T;PDV/=hyvD wasadmin C'
j6#
EJB C'
zXkZt/20.0Q(eDC'M\k#v1r*
62 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
W e b S p h e r e +V2+T1GXhD#bGZ 1 0 7 3D
:WebSphere D2+T;DV/=hyvD itimadmin C'j
6#
":g{KVNvV1Q$HmCKZ],rVNI\|,5
wasadmin#+KVND5|D* itimadmin#
Tivoli Identity Manager E"
k"b Tivoli Identity Manager DTBE":
S\\?
\?I\GNNVrLo#\?CZS\ Tivoli Identity Manager \kMd|
tPD>#C5w* enrole.encryption.password f"Z enRole.properties
D~P#
U>G<6p
T>ZzY53ms1U>Dj8LH#(}Z0U>G<6p1VNPhC
INFO k FATAL .dD}V,53\m1\;!qU>D~Dj8LH#U
>G<6p=_,53DT\=C,r*4kU>D~DE"+=Y#
J~~qw{F
'V SMTP J~~qw#SMTP wzGJ~xX#
C'j6 ____itim manager________
Tivoli Identity Manager C'j6#20sD1!5G itim manager#G< Tivoli
Identity Manager 1k9CKC'j6#
\k ____secret______________
8(* itim manager D Tivoli Identity Manager \m1C'j6D\k#Z
20s"LvVD1!\kG secret#
":G< Tivoli Identity Manager ~qw1,53a?Fz|D\m1J'\
k#
20 Tivoli Identity Manager ~qw
TBwL<hvKZ:/dCB20 Tivoli Identity Manager ~qw}LPB~Dy>
3r:
Z 6 B :/20:Tivoli Identity Manager ~qw 63
Z:/dCP20 Tivoli Identity Manager ~qw:
":*20 Tivoli Identity Manager ~qw,kkTzD73q!}7D CD#PX|
`E",kNDZ 89 3D=< A, :bL;#
1. Z0P xg?p\mwDFczO#ZK20}LP,+Z;NdC Tivoli Identity
Manager D}]bM?<~qw#
2. Z?(P;vr`v:/I1DFczO#
< 23. :/20wL<
64 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
":k7#z.0QjIZ 57 3D:*<0;PD=h#
*20 Tivoli Identity Manager ~qw,kjITB=h:
1. :/@nuD06-10ZM0mI10Z;
2. Z 66 3D:!q20`MM1!20?<;
3. Z 67 3D:!q}]b;
4. Z 67 3D:jI:/20rP;
5. Z 71 3D:8( WebSphere +V2+T;
6. Z 73 3D:8(S\\?"DA200**;
7. Z 74 3D:20x9Md|dCn/;
8. Z 82 3D::/20DU>M?<;
9. Z 83 3D:jI2+TdC;
10. Z 84 3D:bT Tivoli Identity Manager ~qwD(E;
/@nuD06-10ZM0mI10Z53Z20}L*<.0avV;5P6-MmI0Z#*/@b)u<0Z,k4
PTB=h:
1. G<=+*20 Tivoli Identity Manager ~qwDFcz#
":
1. zXk9C_P53\mX(DJ'G<(Administrator)#
2. Q Tivoli Identity Manager z7 CD ek= CD-ROM }/wP#
3. %w*< –> KP#
4. dkzD CD-ROM }/wL{,;sdkTB|n:
instW2K-WAS.exe
K106-10Z+r*#
Z 6 B :/20:Tivoli Identity Manager ~qw 65
":g{zDG<J';P4P instW2K-WAS.exe DmI(,zXkZhCJ'm
I(T4PKD~#
5. *|DvCZ20feODoT,k%w8>0"o1DrPDrB}7"!qm
;VoT#%w7(#
":C!n;a!q Tivoli Identity Manager &CLr.sKP19CDoT|#
K10mI$-i10Z+r*#
6. DAmI$-i"7(GqS\dun#g{S\,k%wS\#%wB;=#
!q20`MM1!20?<
K10!q20`M10Z+r*#
< 24. 06-10Z
66 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
1. !q:/r&\:/,;s%wB;=#
":K1+vV;vsx0Z,9z\8(C&\:/Gq* UI cr WF cD;
?V#g{z!q0:/1w*20`M,r;T>C0Z#
K10X*E"10Z+r*#
2. ZLx0,ki$ WebSphere xg?p\mwMyP WebSphere ZczmLrI
KP#PX|`E",kNDZ 104 3D:7# xg?p\mwMZczmLrZ
KP;#%wB;=#
K10!q20?<10Z+r*#
3. S\1!D Tivoli Identity Manager 20?< c:\itim45 r(}%w!q..."jI
da>8(m;?<#%wB;=#
!q}]bK1ar*0!q}]b`M10Z#
!qTBdP;V}]b`M"%wB;=:
v IBM DB2 (C}]b
v Oracle#PX|`E",kNDZ 15 3D:Tivoli Identity Manager D Oracle 20M
dC;#
v SQL Server 2000. PX|`E",kNDZ 20 3D:SQL Server 2000 dC;#
jI:/20rP
K10!q:/Zc`M10Z+r*#
< 25. 0!q20`M10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 67
1. !q;VZc`M#zXkHZ0P xg?p\mwDFczO20 Tivoli Identity
Manager,;sZ:/I1O20 Tivoli Identity Manager#
":z2ITZ,;FczOH20 xg?p\mwV20:/I1#k7#KF
czPyhDZf]?"YHMzcnb0kDICUd#
K10!q&\:/I110Z+r*#
":g{z.0Q+20`M8(*&\:/,r+vVTB0Z#g{z.0!
q:/w*20`M,r;T>C0Z#
< 26. 0!q:/Zc`M10Z
68 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
2. TZ&\:/,!qCFczG UI :/I19G$ww:/I1#%wB;=#
":kp+ UI :/I1M$ww:/I1,1Vdx,;Fcz#
K1+vV;vksdk;vr`v:/{FD0Z#
3. TZ%(#f):/,kdk;v:/{F,ng itim_cluster#
< 27. 0!q&\:/I110Z
Z 6 B :/20:Tivoli Identity Manager ~qw 69
g{20`M*&\:/,C0Zks`v:/{F#
4. dkzT0Z xg?p\mwP(eD;vr`v:/{F#%wB;=#
g{K20}LkT3v:/I1,r+T>0dk LDAP ?<E"10Z#
< 28. 0WebSphere Application Server }]10Z(:/{F)
< 29. 0WebSphere Application Server }]10Z(&\:/20)
70 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
":g{ Tivoli Identity Manager 20G* xg?p\mw8(D,r+;T>C
0Z#
5. y]z.0{mDE"$wm,Z0LDAP ?<E"10ZDwVNPdki/}
]#
TZ?v:/I1,KE"Xkk.0Z xg?p\mwO20w Tivoli Identity
Manager }LP8(D LDAP E"`%d#?v:/I1DE"&j+;B#PX
|`E",kNDZ 61 3D:?<~qwE";#%wB;=#
8( WebSphere +V2+T
53+r*0WebSphere 2+T10Z#
< 30. 0LDAP ?<E"10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 71
g{0WebSphere +V2+T1Qr*,k%wtC WebSphere 2+T#
K1+vVm;v0Z,*sz8( WebSphere Application Server C'j6M\k#
bGZ 107 3D:WebSphere D2+T;PDV/=hyhvD wasadmin C'j6#
ka)C'j6M\k"%wB;=#
< 31. 0WebSphere 2+T10Z
< 32. 0WebSphere \m1>$10Z
72 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
8(S\\?"DA200**
08(S\\?10Zr*s+vV20**0Z#
1. ka);vS\\?,|I*NNVrLo#\?CZS\ Tivoli Identity Manager
\kMd|tPD>#C5w* enrole.encryption.password f"Z
enRole.properties D~P#%wB;=#
K1+r*0200**10Z,dPPv*20Di~"yhDICELUdT
020?<,ng c:\itim45#
2. ZLx0k7#yhELUdIC,"%w20#
Z20*s9CD1ddtP+r*;5PD20x90Z#ZyhJ4*snM
DFczO,1ddtDwCa\Tx#
< 33. 08(S\\?10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 73
20x9Md|dCn/
20}LZ;N1ddtZ20 Tivoli Identity Manager ~qw#20.s,aT/r
*d|0Z:
1. ;PZ0P WebSphere xg?p\mwDFczOD20}LP,TB0ZET>:
a. }]bdC#PX|`E",kND:Tivoli Identity Manager }]bDu<d
C;#
b. ?<~qw#PX|`E",kNDZ 75 3D:Tivoli Identity Manager ?<D
u<dC;#
2. Z0P WebSphere xg?p\mwDFczr_P:/I1DFczOD20}L
P,+r*;vIdC Tivoli Identity Manager D53dC0Z#PX|`E",
kNDZ 76 3D:Tivoli Identity Manager Du<dC;#
Tivoli Identity Manager }]bDu<dC
53ar*;v}]bdC0Z,zIxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
KdCn/+dCtTD~"Z Tivoli Identity Manager }]bP("m#
k4PTB=h:
1. 1 Tivoli Identity Manager0}]bdC10Zr*1,kdkOJD5#
< 34. 20x90Z
74 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
":g{z*9C Oracle w*zD}]b,rXkZLx4P IBM Tivoli Identity
Manager0}]bdC10Z.0,+ Oracle JDBC }/Lr4F=
<ITIM_HOME>/lib ? < T 0 W e b S p h e r e A p p l i c a t i o n S e r v e r D
{WAS_HOME}/installedApps/enrole.ear ?<P#zIZZ 89 3D=< A, :b
L;PyvD9d CD OR= Oracle JDBC }/LrD1>(Z{*
classes12.zip DD~P)#
2. * Tivoli Identity Manager 9CD}]bjI}]bdCVN#g{}]bG IBM
DB2,r0IP X71M0KZE1VNGRtD#Td|}]bb)VNGXhD#
}g,0}]b{F1r0p{1ITGng itimdb Du?#0\m1j61VN
D5GTB5PD;v:
v UNIX:db2inst1
v Windows:db2admin
PX|`E",kNDZ 12 3D:dC IBM DB2 ~qw;#
3. %wbT#1}]bbTI&1,0}]bdC10ZPD0C'j61M0C'
\k1VN+d*n/4,#
4. *b)VNdkOJD5,"%wLx#
Tivoli Identity Manager ?<Du<dC
53+r*;v?<~qwdC0Z,zITxPTBdC:
v %;~qw
v Z0P xg?p\mwDFczO20:/r&\:/
< 35. 0}]bdC10Z
Z 6 B :/20:Tivoli Identity Manager ~qw 75
kdkOJD5xP?<~qwDu<dC,Tc6p Tivoli Identity Manager#
k4PTB=h:
1. Zwv LDAP ~qwE"VNPdk5#}g,0wz{1VND5GKP?<~
qwDFczD+^(wz{#
2. %wbT#1,S?<~qwDbTI&1,Identity Manager ?<E"?VDVN
+d*n/4,#
3. (}8( Tivoli Identity Manager Ds:,0Identity Manager DN ;C1D5G
dc=my_suffix#PX|`E",kNDZ 22 3D:* Tivoli Identity Manager 8(
s:;#4ivjIb)VN"%wLx#
Tivoli Identity Manager Du<dC
TZyP20`M,k9C Tivoli Identity Manager ~qwa)D053dC10ZO
D!n(4|D}]b~qw"?<~qwMd|~qD5:
1. 0#f1!n(G;5PCZdC Tivoli Identity Manager ~qwD053dC1
!n(PDZ;v#
< 36. 0?<dC10Z
76 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
0#f1!n(PDVN5+;$nd#PXb)VND|`E",kND Tivoli
Identity Manager Server Configuration Guide PD53dCE"#
2. %w0?<1!n(#
K1+r*0?<1!n(0Z#
< 37. 0#f1!n(0Z
Z 6 B :/20:Tivoli Identity Manager ~qw 77
X*1,k^D?<~qwDE"#g{K20GZ:/I1OxPD,rKE
"Xkk.0* xg?p\mw8(D LDAP E"`%d#
g{K20GZ:/I1OxPD,rza4=bT4%#%wbT#z&Ca
4=;vm>,SI&DX&0Z#%w7(XUC0Z#
3. %w}]b!n(#
K1+r*0}]b1!n(0Z#
< 38. 0?<1!n(0Z
78 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
4. k* Tivoli Identity Manager }]ba)0}]b{F1,SE"#}g,0}]
b{F1D5I* itimdb#1!C'j6* enrole#g{C20Z:/I1Ox
PD,KE"Xkk.0* xg?p\mw8(D}]bE"`%d#
g{K20GZ:/I1OxPD,rza4=bT4%#%wbT#bTI&
D0+$n0}]bXE"1?VPD#`VN#%w7(XUC0Z#
5. %wU>G<#K1+r*0U>G<1!n(0Z#r_S\1!5 WARN,r
_vZ>cT\D<G|Db)5Dj8LH#
< 39. 0}]b1!n(0Z
Z 6 B :/20:Tivoli Identity Manager ~qw 79
6. %wJ~!n(#
K10J~1!n(0Z+r*#
< 40. 0U>G<1!n(0Z
< 41. 0J~1!n(0Z
80 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
7. Z0J~1!n(PdkXh5"%w7(#PXb)VND|`E",kND
Tivoli Identity Manager Server Configuration Guide#
":
1. Identity Manager ~qw URL VND5Gzm~qwD URL(}g,CZG
<= Tivoli Identity Manager D IBM HTTP Server)#
2. +0J~4T1X7|D*z>cD Tivoli Identity Manager 53\m1Dg
SJ~X7#zXk|DKX7,qrarPvDgSJ~X7"M,xJ
~#
8. %w UI#
K1+r* UI !n(0Z#
9. r_S\ UI !n(OD1!5,r_^DUjMX7E"T8(zDi/D(F
06-1T>==M Web X7#0Pm3s!18(ZyPC'gfPT>ZP
mPDnD}?#XZ|`DE",kND Tivoli Identity Manager Server
Configuration Guide#%w7(#
10. %w2+T#
K102+T1!n(0Zr*#
< 42. UI !n(0Z
Z 6 B :/20:Tivoli Identity Manager ~qw 81
g{z.0P!qX!qK WebSphere Application Server 2+T,rb)VNa
;$nd#g{z4tC WebSphere Application Server 2+T,b)VN+*U
W#
":
1. 0EJB C'1M0\k1VNDu<5G053C'1M0\k1VND5#z
I\h*^D0EJB C'1M0\k1VN#EJB C'j6D$HXkYZ 12
vV{#
2. g{zZK53dC02+T10ZP|DK EJB C'j6r EJB \kD5,
rZ20 Tivoli Identity Manager .sh*4PV/=h+2+TG+3d=
ITIM C',Sxt/ Tivoli Identity Manager#
11. %w7(TjI53dC#
12. mb,k7#d|52JZKP Tivoli Identity Manager M`X&CLr9CDd
C#
:/20DU>M?<
53dCjI1,k"bTB20U>;C:
m 4. 20U>D~{FM?<
D~{ ?<
dbConfig.stdoutldapConfig.stdoutitim45_installer_debug.txtrunConfig.stdout(kT:/20)runConfigTmp.stdout(Z%;~qwMxg?p\mwO)
{ITIM_HOME}/install_logs
< 43. 02+T1!n(0Z
82 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
m 4. 20U>D~{FM?< (x)
D~{ ?<
itim45_install.stdoutitim45_install.stderr
53 root
Tivoli_Identity_Manager_InstallLog.log g { 2 0 I & j I , r ? < *
{ITIM_HOME}#g{20'\,U>D~
+Z53 root(UNIX)P Z Windows @
fO#
v UNIX:53 root
v Windows:@f
PXI WebSphere Application Server 20}L4(DU>D|`E",kND
WebSphere Application Server D5#
jI2+TdC
g{zrctC J2EE 2+T,kZ20 Tivoli Identity Manager .s4PTBV/=
hjI3d"XBt/ J2EE 2+T#PX|`E",kNDTBZ].;:
v Z 108 3D:20 Tivoli Identity Manager .s%Zc?pDV/=h;
v Z 111 3D:20 Tivoli Identity Manager .s`Zc?pDV/=h;
v k7# was.policy D~fZ#PX|`E",kNDZ 112 3D:dC was.policy
D~;#
Z20 Tivoli Identity Manager .s9C runConfig20 Tivoli Identity Manager .s,k9C runConfig |n*ngTBwVn/jI
53dC:
v |D enrole C'D\k#
v 8(\kS\"|B Tivoli Identity Manager EJB C'j6M\k#PX|`E",
kNDZ 76 3D:Tivoli Identity Manager Du<dC;PXZ053dC10ZP
D!n(Dhv#
PX9C runConfig |nD|`E",kND Tivoli Identity Manager Server
Configuration Guide#
P!qX20oT|
g{1!oT;G"o,kZ20 Tivoli Identity Manager sP!qXq!k20 Tivoli
Identity Manager ~qwDoT| CD#9C|nP==420oT|#}g,dkTB
Z]:
java –jar itimlp_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20Lr
feOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java Runtime
Environment 1.3.1#
Z 6 B :/20:Tivoli Identity Manager ~qw 83
(e HTTP a0VCT(I!)
zIT!q* WebSphere Application Server (e HTTP a0VCT#PX|`E",
kND WebSphere E"PDZD HTTP a0\mD5#
":g{.s WebSphere Application Server Z Tivoli Identity Manager :/P'\,
a0VCT+9nUC'wK'\-r#
i$Bq~qhC
>ki$ WebSphere Application Server Bq~qhCc;s=IT&mzD5qwLD
Tivoli Identity Manager :X#PX^Db)hCDj8E",kNDZ 104 3D:dC
WebSphere Application Server Bq~qhC;#g{z;^Db)hC,9.\&mz
D5qwL:X,rksZjI.0I\,1#
|B Web ~qwe~
20jIs,k|B Web ~qwe~#*K,kCJ WebSphere Application Server \
mXF("%w73 –> |B Web ~qwe~ –> 7(#
t/:/
20jIRyPXhD2+T^DyQjIs,kXBt/:/#Z WebSphere \mX
F(P,4PTB=h:
1. %w~qw –> :/#
2. !q Tivoli Identity Manager :/#
3. %wt/#Tivoli Identity Manager &Z:/t/1t/#
r_,zIT(}Z:/PDNbFczD|na>{&KPTB|n4t/:/I
1:
{ITIM_DIR}\bin\win\ssCluster start
":
1. Z0P xg?p\mwDFczOKPK|n+t/{v:/#
2. K|n9+t/ JMS ~qw#
r_,zIT(}Z:/PDNbFczD|na>{&KPTB|n#9:/I
1:
{ITIM_DIR}\bin\win\ssCluster stop
":Z0P xg?p\mwDFczOKPK|n+#9{v:/#
bT Tivoli Identity Manager ~qwD(E
*bT}]b"?<~qwM Tivoli Identity Manager ~qwGqQ}7dC"%`(
E,kjITB=h:
1. bT JDBC }/LrT7#|}Z3X(:/I1OKP:
84 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
a. Z*<.0,k7#}]b~qwM WebSphere Application Server }ZKP#
PXt/ WebSphere Application Server D|`E",kNDI WebSphere
Application Server a)DD5#
b. k7#zQ}7R= IBM DB2 E*D~#g{z}Z9C IBM DB2 V7.1 r
V7.2,"xPKz7*sD^)|,rk7#Zt/ WebSphere Application Server
.0Z shell PQKPK usejdbc2 shell E>#YNbT,S#g{,S;pw
C,ki$ enrole C'j6M\kyQ}7dC#g{ IBM DB2 }]bG6
LD,k7#T}]b~qwMM'z&CK,; IBM DB2 ^)|6p#
":Fix Pack 3 +Q IBM DB2 V7.1 73(F= IBM DB2 V7.2 ;cICT
6p#PX|`E",kNDZ 95 3D=< B, :kT Windows Dm~M
2~*s;#
c. CJ WebSphere Application Server \mXF(#
d. %wJ4 –> JDBC a)Lr#!q?jZc#
e. %w/@~qw#!q;v?j~qw,;s%w&C#
f. v/= JDBC a)LrPm"+w ITIM JDBC a)Lr#
g. v/T>DT0r=0d|tT10q#Z0d|tT10qP,%w}]
4#
h. ZT>D0}]41T0rP,%wbT,S#K1+vV;u8>bTa{
D{"#
2. t/ Tivoli Identity Manager ~qwMyPX8&CLr#
%w*< –> Lr –> IBM WebSphere –> Application Server V5.0 –> t/
~qw#
3. G<= Tivoli Identity Manager#}g,Z/@w0ZdkTBZ]:
http://hostname/enrole
dP hostname G}ZKP Tivoli Identity Manager ~qwDFczD+^({r IP
X7#
":
1. k;*Z,;M'zFczOt/=v@"D/@wa0#b=va0+;S
w;va0j6,Sxzz}]Jb#
2. g{z9C%cG<&\G<"h*!q;VoT,kZ Web >cX7s7S
/language#}g,dk:
https://mysite.myco.com/itim/enrole/language
PX*zD Web /@wdC1!oTD|`E",kND Tivoli Identity Manager
Server Configuration Guide#
4. dk Tivoli Identity Manager \m1C'j6(itim manager)M\k(Z20.s
"LvV,5*0secret1)#
5. 4PX*D=h4(C'(ITIM C')#PX|`E",kND*zozr Tivoli
Identity Manager Policy and Organization Administration Guide#
PX&CKPD}LD|`E",kND Tivoli Identity Manager Server Configuration
Guide#
Z 6 B :/20:Tivoli Identity Manager ~qw 85
~qwkzmLrD(E
9Cx Tivoli Identity Manager zmLrD Tivoli Identity Manager 53h*9Czz
$iT7# Tivoli Identity Manager ~qwMzmLr.dD(E2+#
k Tivoli Identity Manager zmLrD$iT&DO$PDXkZ {ITIM_HOME}\cert
?<P#PX\'VD$i`M,kND Tivoli Identity Manager Server Configuration
Guide T0X(zmLrD208O,TKb|`E"#
":
1. k;N20;vzmLrE*D~,"Z20m;vzmLrE*D~.0jI0
;vE*D~D20#,120`vE*D~I\<B Tivoli Identity Manager ~
qw?FXB}<#
2. Z:/dCP20;NzmLrE*D~#PXZ:/dCD24;C20zmL
rE*D~D(i,kNDkTzDX(zmLrDzmLr208O#
3. WebSphere Application Server dC*szmLr$iD}/w;CM20 Tivoli
Identity Manager ~qwD}/w;C;B#}g,g{zZ3v:/I1O20z
mLrE*D~,xZC:/I1O,Tivoli Identity Manager ~qw20Z
d:\itim45 P,r$iXk$tZ d:\itim45\cert ?<P#WebSphere Application
Server dC2Xk8( d:\itim45\cert ?<#
4. g{1!oT;G"o,Z20Z;v Tivoli Identity Manager zmLr0kP!
qXqCk20 Tivoli Identity Manager zmLroT| CD#Z Tivoli Identity
Manager ~qwO9C|nP==420zmLroT|:
java –jar itimlp_agents_setup.jar
+t/ Tivoli Identity Manager oT|20Lr#*jIoT|20,kq-20
LrfeOvVD8>E"#
":*KP Tivoli Identity Manager oT|20Lr,&IS|nPCJ Java
Runtime Environment 1.3.1#
mSr}%:/I1
>ZhvgNmSr}%:/I1#
9CBFcz)9:/
*+B:/I1mS=VPD Tivoli Identity Manager :/,k4PTB=h:
":b)=h(}9C;(K0;&Z WebSphere %*PDFcz4)9:/#bG.
=(":/D;v}S#
1. 9C WebSphere Application Server \mXF(4(B:/I1#PX|`E",k
NDZ 103 3D:+ZcmS=%*;#
2. 9C WebSphere Application Server \mXF(,ZZcOmSB:/I1#PX|
`E",kNDZ 103 3D:4(:/;#
3. ZBDFczOKP Tivoli Identity Manager 20}L,"!q:/I120#
4. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF("
%w73 –> |B Web ~qwe~ –> 7(#
5. 9C WebSphere Application Server \mXF(,t/CB:/I1#
86 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
9C,;Fcz)9:/
z9IT(}ZPVP:/I1DFczOmSd|:/I14)9:/#
k4PTB=h:
1. Z WebSphere Application Server \mXF(P,ZH0fZ:/I1DFczO4
(B:/I1#
":bG91(":/D;v}S#
2. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF("
%w73 –> |B Web ~qwe~ –> 7(#
3. 9C WebSphere Application Server \mXF(,t/CB:/I1#
}%:/I1
*}%FczP(;D:/I1,k4PTB=h:
v g{FczOvfZ;v:/I1,k4PTBYw:
1. KP Tivoli Identity Manager 6XLr#PX|`E",kNDZ 125 3D=<
G, :6X Tivoli Identity Manager;#
2. Z WebSphere Application Server \mXF(O,S:/>}C:/I1#
3. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF(
"%w73 –> |B Web ~qwe~ –> 7(#
v g{FczOP`v:/I1(91:/),k4PTBYw:
1. Z WebSphere Application Server \mXF(O,S:/>}C:/I1#
2. |B Web ~qwe~#*K,kCJ WebSphere Application Server \mXF(
"%w73 –> |B Web ~qwe~ –> 7(#
Z 6 B :/20:Tivoli Identity Manager ~qw 87
88 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< A. bL
Tivoli Identity Manager ~qw20a)TBbL(CD)#g{;PPvDyP CD,k
k IBM 'V*5#
CD P;P(iD WebSphere Y1^)Lr PQ77521z7 CD P;Pa)(iDY1^)Lr PQ77521#WebSphere Application Server 5.0.2
{"+][}Y1^)LrG(iC4|}PX WebSphere 6k={"+]'VD
MQJMS2013 XA V4msDLr#
ms{"DZ;PkTBZ]`F:
[8/6/03 13:30:54:484 EDT] f341ce J2CXAResource W J2CA0061W:4(XA ,SkJ4 javax.resource.spi.ResourceAdapterInternalException 1vm:createQueueConnection Zcom.ibm.ejs.jms.JMSCMUtils.mapToResourceException(JMSCMUtils.java:123) &'\
}g,1$ww}ZKP1I\vVKmsR WebSphere Application Server a#9#
4jIDBq^(V4#g{&CY1|,}]ITV4#
*q!KY1^)Lr,kdkX74CJC Web >c:
http://www.ibm.com/support/docview.wss?uid=swg24005451
oT| CDBmVnPvKoT| CD DZ]#
m 5. oT| CD DZ]
z7 D~{
oT| itimlp_setup.jar"itimlp_agents_setup.jar
9C WebSphere Application Server D Tivoli Identity Manager Dy
!zk Solaris CDBmVnPvK9C WebSphere Application Server D Tivoli Identity Manager Dy!
zk Solaris CD y|,DZ]:
m 6. 9C WebSphere Application Server D Tivoli Identity Manager Dy!zk Solaris CDy|,DZ]
z7 D~{
9C WebSphere Application Server D Tivoli
Identity Manager V4.5
instSOL-WAS.bin
kHDAD5 Docs-ReadMeFirst.pdf
© Copyright IBM Corp. 2003 89
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk
Solaris CDBmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk Solaris CD y|,DZ]:
m 7. 9C WebLogic D Tivoli Identity Manager Dy!zk Solaris CD y|,DZ]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instSOL-WL.bin
kHDAD5 Docs-ReadMeFirst.pdf
9d Solaris CD 1BmVnPvK9d Solaris CD 1 DZ]:
m 8. 9d Solaris CD 1 DZ]
z7 D~{
WebSphere Application Server Base V5.0 Fix Pack
2
was50_fp2_solaris.zip
WebSphere Application Server xg?p V5.0 Fix
Pack 2
was50_nd_fp2_solaris.zip
WebSphere Application Server Base V5.0.2 Y1
^)Lr(APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server xg?p,V5.0.2 Y1^)L
r(APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP `kY1^)
Lr(APAR PQ77263)
PQ77263.zip
9d Solaris CD 2BmVnPvK9d Solaris CD 2 DZ]:
m 9. 9d Solaris CD 2 DZ]
z7 D~{
IBM Directory Server V5.1 ids510-solaris-ismp-us.tar
IBM Directory Server V5.1 Fix Pack 1 FP510S-01.tar.Z
IBM Directory Server }Cj{Te~ DelRef/aix/libdelref.a
DelRef/hpux/libdelref.sl
DelRef/nt/libdelref.dll
DelRef/sun/libdelref.so
Tivoli Identity Manager V4.5 dCD~ DelRef/timdelref.conf
90 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
9d Solaris CD 3BmVnPvK9d Solaris CD 3 DZ]:
m 10. 9d Solaris CD 3 DZ]
z7 D~{
IBM DB2 V8.1 Fix Pack 2(32 M 64 ;) Sol-FP2_U486567.tar.Z
9d Solaris CD 4BmVnPvK9d Solaris CD 4 DZ]:
m 11. 9d Solaris CD 4 DZ]
z7 D~{
Oracle Type 4 JDBC }/Lr classes12.zip
Oracle Type 4 JDBC }/LrmI$D~ LI_en
9C WebSphere Application Server D Tivoli Identity Manager Dy
!zk AIX CDBmVnPvK9C WebSphere Application Server D Tivoli Identity Manager Dy!
zk AIX CD y|,DZ]:
m 12. 9C WebSphere Application Server D Tivoli Identity Manager Dy!zk AIX CD y
|,DZ]
z7 D~{
9C WebSphere Application Server D Tivoli
Identity Manager V4.5
instAIX-WAS.bin
kHDAD5 Docs-ReadMeFirst.pdf
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk AIXCD
BmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk AIX CD y|,DZ]:
m 13. 9C WebLogic D Tivoli Identity Manager Dy!zk AIX CD y|,DZ]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instAIX-WL.bin
kHDAD5 Docs-ReadMeFirst.pdf
=< A. bL 91
9d AIX CD 1
":r*s!<xD-r,9d CD P4a)Z AIX O9CD IBM DB2 D Fix Pack
2#*q!Z AIX O9CD IBM DB2 Fix Pack 2,kCJTB FTP >c:
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aix5v8/fixpak/FP2_U486566/
r_CJTB Web >c:
http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/v8fphist.d2w/report#AIX5
BmVnPvK9d AIX CD 1 DZ]:
m 14. 9d AIX CD 1 DZ]
z7 D~{
WebSphere Application Server Base V5.0 Fix Pack
2
was50_fp2_aix.zip
WebSphere Application Server xg?p V5.0 Fix
Pack 2
was50_nd_fp2_aix.zip
WebSphere Application Server Base V5.0.2 Y1
^)Lr(APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server xg?p,V5.0.2 Y1^)L
r(APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP `kY1^)
Lr(APAR PQ77263)
PQ77263.zip
9d AIX CD 2BmVnPvK9d AIX CD 2 DZ]:
m 15. 9d AIX CD 2 DZ]
z7 D~{
IBM Directory Server V5.1 ids510-aix-ismp-us.tar
IBM Directory Server V5.1 Fix Pack 1 FP510A-01.tar
IBM Directory Server }Cj{Te~ DelRef/aix/libdelref.a
DelRef/hpux/libdelref.sl
DelRef/nt/libdelref.dll
DelRef/sun/libdelref.so
Tivoli Identity Manager V4.5 dCD~ DelRef/timdelref.conf
9d AIX CD 3BmVnPvK9d AIX CD 3 DZ]:
m 16. 9d AIX CD 3 DZ]
z7 D~{
Oracle Type 4 JDBC }/Lr classes12.zip
Oracle Type 4 JDBC }/LrmI$D~ LI_en
92 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk
HP-UX CDBmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk HP-UX CD y|,DZ]:
m 17. 9C WebLogic D Tivoli Identity Manager Dy!zk HP-UX CD y|,DZ]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instHPUX-WL.bin
kHDAD5 Docs-ReadMeFirst.pdf
9C WebSphere Application Server D Tivoli Identity Manager Dy
!zk Windows 2000 CDBmVnPvK9C WebSphere Application Server D Tivoli Identity Manager Dy!
zk Windows 2000 CD y|,DZ]:
m 18. 9C WebSphere Application Server D Tivoli Identity Manager Dy!zk Windows2000 CD y|,DZ]
z7 D~{
9C WebSphere Application Server D Tivoli
Identity Manager V4.5
instW2K-WAS.exe
kHDAD5 Docs-ReadMeFirst.pdf
9CG IBM &CLr~qwD Tivoli Identity Manager Dy!zk
Windows 2000 CDBmVnPvK9CG IBM &CLr~qw(WebLogic)D Tivoli Identity Manager
Dy!zk Windows 2000 CD y|,DZ]:
m 19. 9C WebLogic D Tivoli Identity Manager Dy!zk Windows 2000 CD y|,DZ
]
z7 D~{
9C WebLogic D Tivoli Identity Manager V4.5 instW2K-WL.exe
kHDAD5 Docs-ReadMeFirst.pdf
9d Windows 2000 CD 1BmVnPvK9d Windows 2000 CD 1 DZ]:
m 20. 9d Windows 2000 CD 1 DZ]
z7 D~{
WebSphere Application Server Base V5.0 Fix Pack
2
was50_fp2_win.zip
WebSphere Application Server xg?p V5.0 Fix
Pack 2
was50_nd_fp2_win.zip
=< A. bL 93
m 20. 9d Windows 2000 CD 1 DZ] (x)
z7 D~{
WebSphere Application Server Base V5.0.2 Y1
^)Lr(APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server xg?p,V5.0.2 Y1^)L
r(APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP `kY1^)
Lr(APAR PQ77263)
PQ77263.zip
9d Windows 2000 CD 2BmVnPvK9d Windows 2000 CD 2 DZ]:
m 21. 9d Windows 2000 CD 2 DZ]
z7 D~{
IBM Directory Server V5.1 ids510-windows-us.zip
IBM Directory Server V5.1 Fix Pack 1 FP510W-01.zip
IBM Directory Server }Cj{Te~ DelRef\aix\libdelref.a
DelRef\hpux\libdelref.sl
DelRef\nt\libdelref.dll
DelRef\sun\libdelref.so
Tivoli Identity Manager V4.5 dCD~ DelRef\timdelref.conf
9d Windows 2000 CD 3BmVnPvK9d Windows 2000 CD 3 DZ]:
m 22. 9d Windows 2000 CD 3 DZ]
z7 D~{
IBM DB2 V8.1 Fix Pack 2 W2K-FP2.zip
9d Windows 2000 CD 4BmVnPvK9d Windows 2000 CD 4 DZ]:
m 23. 9d Windows 2000 CD 4 DZ]
z7 D~{
Oracle Type 4 JDBC }/Lr classes12.zip
Oracle Type 4 JDBC }/LrmI$D~ LI_en
94 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< B. kT Windows Dm~M2~*s
>=<PwKkT9C WebSphere Application Server D Windows D Tivoli Identity
Manager ~qwDm~M2~*s#
9C WebSphere D Tivoli Identity Manager DnM Windows Yw53
M2~*s
Bmj6K Windows Yw53"9!M20DnM2~*s#b)5;|(d|KP
1*s#KP`V~qw`M,gZ;(FczOKP&CLr~qwM}]b~q
w,CFcz+h*nbD2~J4(|`D RAM)#
m 24. Tivoli Identity Manager DnMYw53M2~*s
Yw53 9! n!Zf"ICELUdMd|2~*s
Windows 2000 Advanced
Server
Service Pack 3 r|_f> v RAM:1 GB DZfUd
v &mw:1S5J* 1 GHz r|_D Intel <
Z&mw
v ICELUd:temp ?<XkPAY 1.5 GB
DICELUd#Kb,*TB?<a) 1.1
GB DICELUd:
– Tivoli Identity Manager ~qw \itim45 ?
< 500 MB
– WebSphere Application Server 600 MB
9C WebSphere D Tivoli Identity Manager ~qwD}]b
BmPvK9C WebSphere D Tivoli Identity Manager ~qwICD}]b:
m 25. 9C WebSphere D Tivoli Identity Manager ~qwICD}]b
}]b f>M^)|r9! AIX 5.1 Solaris 8 W i n d o w s 2 0 0 0Advanced Server
IBM DB2 (C}]bs5f~
qw¹k IBM DB2 KP1M'
z
v x^)| 2 Df>
8.1
v x^)| 9 Df>
7.2
U U U
Oracle 8.1.7 U U U
Microsoft SQL Server SQL Server 2000 U
":
1. IBM DB2 h*_PTBn!ICELUd:
v 20h*Z4( Tivoli Identity Manager }]bD?<(ng /home/db2inst1)PP 1 GB Ud#
© Copyright IBM Corp. 2003 95
9C WebSphere D Tivoli Identity Manager ~qwD?<~qw
BmPvK9C WebSphere D Tivoli Identity Manager ~qwD?<~qw:
m 26. 9C WebSphere D Tivoli Identity Manager ~qwD?<~qw
?<~qw f>M^)|r9! AIX Solaris 8 W i n d o w s 2 0 0 0Advanced Server
IBM Directory Server v xP Fix Pack 1 D V5.1
v xP Fix Pack 2 D V4.1(Z
Windows NT O9CD V4.1.1)
U
Z AIX 5.1 O
U U
Sun ONE Directory
Server¹
5.1 U
Z AIX 4.3.3Ox;G 5.1
U U
1. mkliTB Web >c:
http://wwws.sun.com/software/download/inter_ecom.html#dirserv
Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qwX
8m~
BmPvKkT Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qw:
m 27. Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qwX8m~
X8m~ f> ^)| Y1^)Lr
IBM HTTP Server¹ 1.3.26 WebSphere Fix Pack 2
":
1. Z&C WebSphere ^)|0z
XkXU HTTP ~qw#
2. Z:/73P,k7#ZyP
_P IBM HTTP Server DF
czO0k WebSphere ^)
|,IBM HTTP Server I\9
F c z | , W e b S p h e r e
Application Server xg?p#
—
WebSphere Application Server
Base²
5.0 WebSphere Fix Pack 2 4UyPvD3r&CTB^)L
r:
v APAR SOV62778(kNDBfD
"M 3#)
v APAR PQ75794
v APAR PQ77263
WebSphere Application Server x
g?p²
5.0 WebSphere Fix Pack 2 &CTB^)Lr:
v APAR SOV62778(kNDBfD
"M 3#)
96 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
m 27. Tivoli Identity Manager ~qwD WebSphere ~qwk HTTP ~qwX8m~ (x)
X8m~ f> ^)| Y1^)Lr
1. IBM HTTP Server |(Z WebSphere Application Server 20}LP#
2. f WebSphere Application Server ;pV"D JDK G\'VD JDK#;'V9C IBM rd{)&La)D@"2
0D JDK#
3. g{zV/20 WebSphere Application Server Base D Fix Pack 2,k+9d CD OD ibmorb.jar D~4F=
{WAS_HOME}/java/jre/lib/ext ?<#ZP WebSphere Application Server xg?pDFczO,+9d CD OD
ibmorb.jar D~4F= {WAS_NDM_HOME}/java/jre/lib/ext ?<#g{zZ20 WebSphere 5.0 Fix Pack 2 s20
KNN WebSphere JDK ^)Lr,rXkZ4FD~ ibmorb.jar 0k WebSphere 'V*5#
\'VD Web /@w
TB Web /@wvZ Windows O\'V:
v x Service Pack 2 D Internet Explorer 5.5
v x Service Pack 1 D Internet Explorer 6.0
v Netscape 4.75
":
1. XktC cookie#
2. k;*Z,;M'zFczOt/=v@"D/@wa0#b=va0+;Sw;
va0j6,Sxzz}]Jb#
3. TZ IE /@w,k7#Q8( Java KP173(JRE)#r*/@w"%w$_ –>Internet !n#%w0_61!n(#v/&\?~Pm#!qk9C Java 2
V1.3.1_04 `FnD4!r#XBt/Fcz#
=< B. kT Windows Dm~M2~*s 97
98 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< C. <8 WebSphere 73
>BhvZ%;~qwr:/dCP20 Tivoli Identity Manager ~qw.04(
WebSphere Application Server 73D;c=h#TZ:/dC,>Ba)20MdC
WebSphere Application Server xg?pM WebSphere Application Server Base D=h#
":XZ|`DE",kND WebSphere Application Server 20D5#
<8 WebSphere Application Server 20
Z20 WebSphere Application Server.0,k7#Pc;DICELUdb9uD~#
PX|`E",kNDZ 95 3D=< B, :kT Windows Dm~M2~*s;#
7# WebSphere 6k={"+]~qwkM'zD Solaris ZK
hC
Z Solaris O,k7#*6k={"+]~qwMM'z8(KTB=SZKhC:
v set shmsys:shminfo_shmmax = 4294967295
v set shmsys:shminfo_shmseg = 1024
v set shmsys:shminfo_shmmni = 1024
v set semsys:seminfo_semaem = 16384
v set semsys:seminfo_semmni = 1024
v set semsys:seminfo_semmap = 1026
v set semsys:seminfo_semmns = 16384
v set msgsys:msginfo_msgmap = 1026
v set semsys:seminfo_semopm = 100
v set semsys:seminfo_semmnu = 2048
v set semsys:seminfo_semume = 256
v set msgsys:msginfo_msgmax = 65535
v set rlim_fd_cur=1024
9CVPD WebSphere MQ V5.3WebSphere 6k={"+]~qwMM'z(WebSphere 6k={"+]'V)G Tivoli
Identity Manager yhD WebSphere 5.0 i~#*I&20b) WebSphere i~,r
Xk}% IBM MQSeries V5.2(g{fZD0)#
g{ WebSphere MQ V5.3 fZZFczO,k7#Z20 WebSphere 6k={"+
]'VM'zM~qw.020TB WebSphere MQ i~:
v xP CSD03 |BD WebSphere MQ V5.3
v ~qwk Java {"+]D WebSphere MQ &\?~
*7(VPDf>,kKP WebSphere MQ a)D mqvr 5CLr#
© Copyright IBM Corp. 2003 99
XZ|`DE",kND WebSphere Application Server 20D5#
KZ 9090 ICTi$
WebSphere Application Server *d\mXF(9CKZ 9090#g{KZ*CZ53O,
zXk* WebSphere &CLrXF(!qmb;vICDKZ#zI(}dkTB|n
bTKZGqZ;9C:
netstat -an
dC Tivoli Identity Manager :/
TBG:/20MdCD}L:
1. :20 WebSphere Application Server xg?p;
2. Z 101 3D:20 IBM HTTP Server M WebSphere Web ~qwe~;
3. Z 102 3D:Z?vZcO20 WebSphere Application Server Base;
4. Z 103 3D:+ZcmS=%*;
5. Z 104 3D:7# xg?p\mwMZczmLrZKP;
SB4zI4(;vr`v:/,gZ 59 3D:9C xg?p\mw4(:/;Py
v#
20 WebSphere Application Server xg?p
":g{bG}6,WebSphere Application Server xg?p 5.0 I0k= Tivoli Identity
Manager4.4.x w~qwr(z~qwO#
*20 WebSphere Application Server xg?p,kjITB=h:
1. 7(FczGqPc;DZfMICELUd#
2. ka0qCyhD^)|r APAR(g{PD0)#PX|`E",kNDZ 95 3
D=< B, :kT Windows Dm~M2~*s;#
3. 20u<z7 CD#XZ|`Dz7 CD 0dZ]DE",kNDZ 89 3D=<
A, :bL;#
4. (}dkTBZ],r* WebSphere Application Server xg?p20Lr:
drive:\nt\LaunchPad.bat .\nt
5. Zu<T0P,kS\mI$*s#
20Lr+liX8m~#}g,|I\lb1YD9!,gT>UoV{yh
DVe#kNDI WebSphere Application Server xg?pa)DD5,"9dN
Nz7(G#X*D9!#
":ZX8m~li1,20Lr+lbNN WebSphere Application Server xg
?pDH020f>"T>;v(Fk2fT0r#g{z#{=v
WebSphere Application Server xg?pf>2f,k!q0^D2fDK
Z 1 , ; s Z 2 f T 0 r P ^ D K Z E # 2 0 j I 1 , z X k | D
{WAS_ND_HOME}\properties BDD~ wsadmin.properties P SOAP ,SD
KZ5,9.%dBDKZ5#
6. %wB;=#
K1+T>;vJmz!qxg?p&\?~DT0r#
100 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
7. S\1!5"%wB;=#
K1+T>;vPv20?j?<"yhUdMICUdDT0r#
8. S\r^D1!?<,"7#Pc;D20Ud,;s%wB;=#
K1+T>;vksZc{"wz{M%*{F5DT0r#
9. S\1!5ra)ksDVN5#}g:
Zc{ S\1!V{.ra)j6ZcDPbeDV{.#}g,hostname
wz{r IP X7
dk?jFczD+^(wz{r IP X7#
%*{F
dkj6%*D5#}g,dk:
ITIM_CELL_A1
10. X4%wB;=4/@TBT0r:
v 20**
v 20}L
v z7"a
v jI
v jI
11. X&0Z;=1T0r,CT0ra>zt/~qw"KP20i$bT#9C
TB Web X7CJ\mXF(:
http://networkdeploymenthost:9090/admin
dP networkdeploymenthost GQ20K WebSphere Application Server xg?pD
FczD+^(wz{#
":g{=vf>D WebSphere Application Server xg?p2f,kC20}L
PdCDKZEf;1!KZE#
12. 20XhD^)|r APAR#
":Z20^)|r APAR .0,k#9 WebSphere Application Server xg?
p53#PX|`E",kNDZ 95 3D=< B, :kT Windows Dm~M
2~*s;#
20 IBM HTTP Server M WebSphere Web ~qwe~
*20 IBM HTTP Server M WebSphere Web ~qwe~,k4PTBYw:
1. 20u<z7 CD#XZ|`Dz7 CD 0dZ]DE",kNDZ 89 3D=<
A, :bL;#
2. 9C WebSphere Application Server Base z7t/20#
3. /@TB20T0r"S\1!hC#
4. 120T0ra)TB!n1,k%w4!r4S\dC:
XBdCz7TkCz7Dd|f>2f
5. /@0Yw536pli1kd|NNliX8m~DT0r#
6. 1;va)C!nDT0rvV1,k!q(F#
7. %wB;=#
=< C. <8 WebSphere 73 101
K1+T>&\?~!qT0r#
8. Z&\?~!qT0rP,v!qTBwn:
v IBM HTTP Server
v IBM HTTP Server D WebSphere Web ~qwe~
9. %wB;=#
K1+vV;vT>1!?j?<"ICUd5T0yhUd5DT0r#
":g{K20*kT0D202f,IBM HTTP Server 5.0 IT9C1!20?
<,r*|kw* IBM HTTP Server 4.0 20;?V|,D1!?<;,#
10. S\1!?j?<,r^D?j,r^DFczICELUd#%wB;=#
K1+T>;v\a*20D&\?~0d;CDT0r#
11. X4%wB;=4/@|,TBwnDsxT0r:
v }L(f
v z7"a
v jI
12. qC"20yhD WebSphere Application Server Base ^)|(dP9|, IBM
HTTP Server D^)Lr)#PX|`E",kNDZ 95 3D=< B, :kT
Windows Dm~M2~*s;#
zI WebSphere Web ~qwe~dCD~
zI WebSphere Web ~qwe~DdCD~#Z209!.0,zXk#9 IBM
HTTP Server#k4PTB=h:
1. G<= xg?p\mw\mXF(#
2. SXF(s_0q,%w73 –> |B Web ~qwe~ –> 7(4|B Web ~
qwe~#b+Z?< {NDM_HOME}\config\cells PzI Web ~qwe~dCD
~ plugin-cfg.xml#
3. Ze~|BjIs,k%w#f+zDdC#f=wbP#
":1#fdC1,k!q0kZc,=|D1#
4. g{Z0P xg?p\mwDFczO20 IBM HTTP Server,ri$TBwPf
ZZ http_server_installdir\conf\httpd.conf dCD~P:
":g{ IBM HTTP Server M xg?p\mw20Z;,DFczO,K=h;
GXhD#
WebSpherePluginConfig drive:"\Program Files\WebSphere\DeploymentManager\config\cells\plugin-cfg.xml"
Z?vZcO20 WebSphere Application Server Base(}Z%*D?vI1ZcOX4TB=h,20 WebSphere Application Server Base:
1. t/ WebSphere Application Server Base 20Lr#
2. /@wT0r,1=vVPv*20D&\?~DT0r#
":
1. ZX8m~li1,20Lr+lbNN WebSphere Application Server Base D
H020f>"T>;v(Fk2fT0r#g{z#{=v WebSphere
Application Server Base f>2f,k!q0^D2fDKZ1,;sZ2fT
102 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
0rP^DKZE#20jI1,zXk|D {WAS_ND_HOME}\properties BD
D~ wsadmin.properties P SOAP ,SDKZ5,9.%dBDKZ5#
2. *a_T\"\b Web XF(YwDyP1ZJb,(i;*20y>&CL
r"&CLr0dM?p$_T0k WebSphere Application Server |,Z;p
D ant 5CLr#
3. %wB;=#
K1+T>;v\a*20D&\?~DT0r#kSPmP!qzh*D&\?
~#
4. X4%wB;=4/@|,TBwnDsxT0r:
v }L(f
v z7"a
v jI
5. 20XhD^)|#PX|`E",kNDZ 95 3D=< B, :kT Windows D
m~M2~*s;#
6. (}4PTB=h<8*|,=%*PDBZc:
a. P;= WebSphere bin S?<#
b. 9CTB|nt/~qw:
startServer server1
+ZcmS=%*
Z*<.0,k7# WebSphere Application Server(server1)}ZzkmS=%*DZ
cOKP#
Z xg?p\mw\mXF(O,k4PTBYw+ZcmS=%*:
1. %w53\m –> %*#
2. r*T>DT0rP,%wZc#
3. v/B;vT0r"%w0dC1!n(W?DZc#
4. ZT>D0Zc1T0r,%wmSZc#8(ZcDwz{MKZ,"%w7
(#
K1+T>;v(fZcmS4vDx9T0r#
r_,zIT(}KP addNode.bat E>,YKP startNode.bat E>+ZcmS=
%*#}g,Zzkw*ZcmSDFczOdkTB|n:
drive:"\Program Files\WebSphere\AppServer\bin\addNode.bat serverNodeName 8879"drive:"\Program Files\WebSphere\AppServer\bin\startNode.bat"
4(:/
Z xg?p\mw\mXF(O,k4PTBYw44(:/:
1. %w~qw –> :/#
2. ZsxT0rO,%wB(#
3. dk:/D{F,;s!qOJD~qw,"%wB;=#
4. (}8(:/I1"%w&C,jI0B:/~qw1T0r#Td|:/I1X
48(#1PmjI1,k%wB;=#
=< C. <8 WebSphere 73 103
5. li:/I1**T7#:/I1PmD}7T#%wjI#
6. +dC#f=wb#
":1#fdC1,k!q0kZc,=|D1#
7# xg?p\mwMZczmLrZKP
*7# xg?p\mwMyP WebSphere Application Server ZczmLr}ZKP,
k4PTBYw:
1. (}dkTB|n,zIZQ20 xg?p\mwDFczOCJ\mXF(:
http://NDM_host:9090/admin
*7( xg?p\mwD4,,zITZQ20 xg?p\mwDFczOKPT
B|n:
drive:"\Program Files\WebSphere\DeploymentManager\bin\serverStatus.bat"
*7( JMS ~qw"appserver MZczmLrD4,,kZQ20 WebSphere
Application Server Base DFczOKPTB|n:
drive:"\Program Files\WebSphere\AppServer\bin\serverStatus.bat"
2. T?vZc,k7(GqQ(eR}78(K JDBC }/Lr76D73d?M
{ITIM_HOME}#Z xg?p\mw\mXF(O,%w73 –> \m WebSphered?#}g,lid?PmT7( {ITIM_HOME) D5Gq}7#
3. t/?v:/I1DZczmLr"JMS ~qwM&CLr~qw#}g,%w~
qw –> &CLr~qw#%wm>3~qw(ng server1)D4!r,"%wt
/#
4. Zt/ZczmLrs,*7#ZczmLr}ZKP,k%w53\m –> Zcz
mLr#K1+r*;vT>ZczmLr0|GD4,D0Z#
5. Z/@wO,dk IBM HTTP Server }ZKPyZDFczD Web X7#}g,
dk:
http://myhost.mylab.mycity.mycompany.com/enrole
K1+T> Tivoli Identity Manager G<fe#G<= Tivoli Identity Manager &
CLr#
dC WebSphere Application Server Bq~qhC
IZ1! WebSphere Application Server Bq~qhC}M,rx^(&ms`}Dj
<5qwL:X#yT,Xk^Db)Bq~qhC4@9Bq,1#
1! WebSphere Application Server Bq~qhCG:
v BqzfZ,1\F = 120
v M'zGn/4,,1 = 60
b)5XkAYVpvS* 1200 M 600#g{zZF.\sD)&Nq,b)}VI
\XkhCC|_;)#zIT9C WebSphere Application Server \mXF(^Db
)5#
104 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
TB}LhvgN|DBq~qhC#g{z*5V Tivoli Identity Manager D:/d
C,rh*T?v:/I1X4b)}L#
1. G<= WebSphere Application Server,"r* WebSphere Application Server \m
XF(#
2. ZXF(s_DwPr*&CLr~qwV',"!qzD~qwD{F#
3. !qZ0=StT1tT?VPDBq~q#
4. ^D0BqzfZ,1\F1M0M'zGn/4,,11hCD5,9|G%d
$FD5qwL:X#
5. %w7(4#f|D#
=< C. <8 WebSphere 73 105
106 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< D. 2+T<G
>Zhvz\;* Tivoli Identity Manager DKP73mba)D2+T#dP|,T
Bwb:
v :WebSphere D2+T;
v Z 113 3D:dC HTTP ~qwD8C=(;
WebSphere D2+T
2+TtC1,J2EE 2+T7#QZ(DC'5PCJ Tivoli Identity Manager
Enterprise Java Bean(EJB)i~X*DmI(#dCK2+Ti~f0dCO$zFM
C'"am#y]?pGkT%ZcdC9G`ZcdC,V/=haPy;,#
|,TB=h:
1. Z20 Tivoli Identity Manager .0,V/dCO$zFMC'"am#
2. Z Tivoli Identity Manager 20}LP,8(2+TC'j6M\k#
3. Z20Ts,V/+\mC'3d= Tivoli Identity Manager G+#
dC%Zc?pD2+T
>Zhv*%Zc?pdC J2EE 2+Tyh4PDV/=h#
20 Tivoli Identity Manager .0%Zc?pDV/=h
*dC J2EE 2+Ti~,kZ20 Tivoli Identity Manager .04PTBYw:
8(\mC': k4PTBYw48(\mC':
1. ZYw53C'"amP4(r!q;v\mC'#Zsx>}P,CC';Fw
053C'1r wasadmin#
2. ZYw53C'"amP4(r!qm;v\mC'#Zsx>}P,CC';F
w EJB C'r itimadmin#
8(O$zFMC'"am: *8(O$zFMC'"am,k4PTBYw:
1. t/ WebSphere \m~qw"ZXF(G<#
2. %w2+T –> +V2+T#
3. k!qTB!n:
v n/DO$zF:SWAM(r% WebSphere O$zF)
v n/DC'"am:>X OS
4. #fdC|D#
dC>X OS C'"am: *dC>X OS C'"am,k4PTBYw:
1. %w2+T –> C'"am –> >X OS#
2. dk53C'DC'j6(wasadmin)M\k#
3. #fdC|D#
© Copyright IBM Corp. 2003 107
tC2+T: tC2+T#k4PTB=h:
1. %w2+T –> +V2+T#
2. %wtC#
3. g{zktC Java 2 2+T,I!q%w4P Java 2 2+T#g{!PK!n,
ryP&CLryXk'V Java 2 2+T#
4. #fdC|D#
%Zc?ptC2+TsDKP: *T%Zc?ptC2+TsKP,kXBt/
WebSphere \m~qw#1t/\m~qw1,I\*sz8( WebSphere \mC'
j6M\k#}g:
{WAS_HOME}\bin\stopServer server1 [-username wasadmin -password wasadminpassword]{WAS_HOME}\bin\startServer server1 [-username wasadmin -password wasadminpassword]
20 Tivoli Identity Manager .s%Zc?pDV/=h
*jI J2EE 2+Ti~DdC,kZ20 Tivoli Identity Manager .s4PTBYw:
+\mC'3d= Tivoli Identity Manager G+: *+\mC'3d= Tivoli
Identity Manager G+,k4PTBYw:
1. Z WebSphere Application Server \mXF(O,k%w&CLr –> s5&CL
r#
2. %w enRole#
3. Z0=StT1PrBv/"%w+2+TG+3d=C'/i#
4. !q ITIM_SYSTEM 4!r#
5. %wiRC'#
6. %wQw#
7. SPmP!q0EJB C'1(itimadmin)#
8. %w7(#
9. 7#4!P0?vK?1r0yPQO$D?14!r#
":*@94-Z(DCJ,{Cb)4!rG\X*D#
10. #fdC|D#
dC was.policy D~: 7#D~ was.policy fZZZcPDTB?<P:
{WAS_HOME}\config\cells\<cellname>\applications\enRole.ear\deployements\enrole\META-INF
K_TD~Zh Tivoli Identity Manager Z4PYw1yhDmI(#d;K_T4T
Tivoli Identity Manager STNN^F,+G Java 2 2+TDtC'VZ WebSphere
\mDd|&CLrP5)2+T#g{CD~;fZ,kSz7 CD P(;"4FC
D~rZ8(D?<P4(CD~#
D~Z]&CkTBwP`F:
grant codeBase "file:;${application}" {permission java.security.AllPermission;};
(}53C'M EJB C'|B Tivoli Identity Manager dC: g{T53C'M
EJB C'wK|D,zXk(}53C'M EJB C'DB5|B Tivoli Identity Manager
dC#k4PTB=h:
108 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
1. t/53dCLr#*K,kdkTBZ]:
{ITIM_HOME}\bin\runConfig
2. !q02+T1!n(#
K102+T1!n(0Zr*#
3. (}Z>X OS "amP4(D wasadmin C'j6|B053C'1VN0d\
k#
4. (}>X OS "amP4(D itimadmin C'j6|B0EJB C'1VN0d\k#
5. %w7(#
Z%Zc?pPXBt/ Tivoli Identity Manager: *Z%Zc?pPtCK2+
T.sKP,kXBt/ Tivoli Identity Manager "Za>BG<#}g,*XBt/
Tivoli Identity Manager,kdkTBZ]:
{ITIM_HOME}\bin\itim stop wasadmin wasadminpassword{ITIM_HOME}\bin\itim start wasadmin wasadminpassword
hC1!nF,11ddt: 2+T9C;vaZ53&ZGn/4,;(1ddt
s}ZDnF#1!5G 120 VS,TZ9C Tivoli Identity Manager 45I\;;
$#
":Z;)53P,5J,11ddtI\H8(5*L#,1I\h9zG<#1
,1"z1,zXkXU xg?p\mw":/MyPDZczmLr#
*K7#nFP'Z^5cTs=@9bb,1,k4PTBYw:
1. CJ WebSphere Application Server \mXF(#
2. %w2+T –> O$ –> LTPA –> ,1#
< 44. 02+T1!n(0Z
=< D. 2+T<G 109
3. hCnFP'Z^1ddt5,9.,}z>cD53&ZGn/4,Dn$$F
1ddt#
dC`Zc?pD2+T
>Zhv*`Zc?pdC J2EE 2+Tyh4PDV/=h#
20 Tivoli Identity Manager .0`Zc?pDV/=h
*dC J2EE 2+Ti~,kZ20 Tivoli Identity Manager .04PTBYw:
*`Zc2+ThC LDAP: **`Zc2+ThC LDAP,k4PTBYw:
1. 9C?<~qw\m$_4(i/%* ou=wasSecurity,dc=com,dP com ITG
zDi/Ds:#
2. 4(C' cn=wasadmin,ou=wasSecurity,dc=com# ZK>}P,WebSphere Application
Server \mC';8(*53C'(wasadmin)#khCTBVN:
v sn=wasadmin
v uid=wasadmin
v userPassword=wasadminpassword
3. mb,4(C' cn=itimadmin,ou=wasSecurity,dc=com#ZK>}P,Tivoli Identity
Manager \mC';8(* EJB C'(itimadmin)#khCTBVN:
v sn=itimadmin
v uid=itimadmin
v userPassword=itimadminpassword
hCO$zFMC'"am: *hCO$zFMC'"am,k4PTBYw:
1. t/ WebSphere \m~qw"ZXF(G<#
2. %w2+T –> +V2+T#
3. k!qTB!n:
v n/DO$zF:LTPA(a?6Z}=O$)
v n/DC'"am:LDAP
4. #fdC|D#
dCO$zF: *dCO$zF,k4PTB=h:
1. %w2+T –> O$zF –> LTPA#
2. * LTPA O$zF4("7O\k#
3. #fdC|D#
dC LDAP C'"am: *dC LDAP C'"am,k4PTBYw:
1. %w2+T –> C'"am –> LDAP#
2. k!qTB!n:
v ~qwC'j6 = wasadmin
v ~qwC'\k = wasadminpassword
v `M = directoryservertype
dP directoryservertype j6?<~qw,ng IBM_Directory_Server#
v wz = ITIM LDAP ~qwwz{
110 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
v y>(P{F(DN):ou=wasSecurity,dc=com
v y>(P{F(DN):dks((P{F,ng cn=root#
v BIND \k:dks((P{FD\k#
v vTs!4:!PK!n
3. #fdC|D#
tC2+T: *tC2+T,k4PTBYw:
1. %w2+T –> +V2+T#
2. %wtC#
3. g{zktC Java 2 2+T,I!q%w4P Java 2 2+T#g{!PK!n,
ryP&CLryXk'V Java 2 2+T#
4. #fdC|D#
`Zc73PtC2+T.sDKP: *ZtC2+T.sKP,k4PTBYw:
1. Z0P xg?p\mwDFczO,dk:
{WAS_NDM_HOME}\bin\stopManager [-username wasadmin -password wasadminpassword]{WAS_NDM_HOME}\bin\startManager [-username wasadmin -password wasadminpassword]
2. Zd|0PZczmLrDFczO,dk:
{WAS_HOME}\bin\stopNode [-username wasadmin -password wasadminpassword]{WAS_HOME}\bin\startNode [-username wasadmin -password wasadminpassword]
3. XBt/:/#k4PTB=h:
a. ZXF(O9C wasadmin C'j6M\kG<= WebSphere \m~qw#
b. %w~qw –> :/#
c. !q:/#
d. %w#9"%wt/#
4. XBt/ JMS ~qw#k4PTB=h:
a. G<= WebSphere \m~qw#
b. %w~qw –> JMS ~qw#
c. !q~qw#
d. %w#9"%wt/#
20 Tivoli Identity Manager .s`Zc?pDV/=h
*jI J2EE 2+Ti~DdC,kZ20 Tivoli Identity Manager .s4PTBYw:
+\mC'3d= Tivoli Identity Manager G+: *+\mC'3d= Tivoli
Identity Manager G+,k4PTBYw:
1. Z WebSphere Application Server \mXF(O,k%w&CLr –> s5&CL
r#
2. %w enRole#
3. Z0=StT1PrBv/"%w+2+TG+3d=C'/i#
4. !q ITIM_SYSTEM 4!r#
5. %wiRC'#
6. %wQw#
7. SPmP!q EJB C'(itimadmin)#
=< D. 2+T<G 111
8. %w7(#
9. 7#4!P0?vK?1r0yPQO$D?14!r#
":*@94-Z(DCJ,{Cb)4!rG\X*D#
10. #fdC|D#
dC was.policy D~: 7#D~ was.policy fZZ xg?p\mwZcDTB
?<P:
{WAS_NDM_HOME}\config\cells\<cellname>\applications\enRole.ear\deployements\enrole\META-INF
K_TD~Zh Tivoli Identity Manager Z4PYw1yhDmI(#d;K_T4T
Tivoli Identity Manager STNN^F,+G Java 2 2+TDtC'VZ WebSphere
\mDd|&CLrP5)2+T#g{CD~;fZ,kSz7 CD P(;"4FC
D~rZ8(D?<P4(CD~#
D~Z]&CkTBwP`F:
grant codeBase "file:;${application}" {permission java.security.AllPermission;};
+ WebSphere Application Server xg?pdCk%*PDZc,=#XBt/ Tivoli
Identity Manager :/#
Z`Zc73PXBt/ Tivoli Identity Manager: *XBt/ Tivoli Identity
Manager,k4PTBYw:
1. %w~qw –> :/#
2. !q:/{FT_D4!r#
3. %w#9#H}:/#9,;s%wt/#
hC1!nF,11ddt: 2+T9C;vaZ53&ZGn/4,;(1ddt
s}ZDnF#1!5G 120 VS,TZ9C Tivoli Identity Manager 45I\;;
$#
":Z;)53P,5J,11ddtI\H8(5*L#,1I\h9zG<#1
,1"z1,zXkXU xg?p\mw":/MyPDZczmLr#
*K7#nFP'Z^5cTs=@9bb,1,k4PTBYw:
1. CJ WebSphere Application Server \mXF(#
2. %w2+T –> O$ –> LTPA –> ,1#
3. hCnFP'Z^1ddt5,9.,}z>cD53&ZGn/4,Dn$$F
1ddt#
{C J2EE 2+T
*9C WebSphere \mXF({C J2EE 2+T,k4PTBYw:
1. %w2+T –> +V2+T#
2. !{!P({C)2+TM Java 2+T#
3. #9,;st/yPDZczmLr"JMS ~qwM&CLr~qw#
112 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
dC HTTP ~qwD8C=(
*a)d|2+T,IZ Tivoli Identity Manager j+20.sdC HTTP ~qw(n
g IBM HTTP Server),9.$tZ%*b?Fcz#bv}L|,20 Web ~q
w"S xg?p\mw4FtID~,T0dC Web ~qwZ~qwt/10kkd
C WebSphere #i#
TB>}kT Solaris =(OD IBM HTTP Server r Apache#kkTzD=(`&4
PTB=h:
1. Zb?FczO,20MdC HTTP ~qw#
2. Z http_server_dir/conf ?<B4({F* WebSphere D?<#
3. S xg?p\mwFcz+TBD~4F=?< http_server_dir/conf/WebSphere:
v was_deployment_mgr/bin/mod_ibm_app_server_http.so
v was_deployment_mgr/config/cells/plugin-cfg.xml
v was_deployment_mgr/etc/plugin-key.kdb
v was_deployment_mgr/etc/plugin-key.sth
4. Z%*Db?FczO,CD>`-wr* plugin-cfg.xml D~"4PTB|D:
v +?< was_deployment_mgr/etc/ DyP5}|D*?<
http_server/conf/WebSphere P#2MGC /opt/IBMHttpServer/conf/WebSphere
f; /opt/WebSphere/DeploymentManager/etc#
< 45. v?M2+TD HTTP ~qwdC
=< D. 2+T<G 113
v +D~ http_plugin.log D?<|D* http_server/logs#2MG+
/ o p t / W e b S p h e r e / A p p S e r v e r / l o g s / h t t p _ p l u g i n . l o g f ; *
/opt/IBMHttpServer/logs/http_plugin.log#
5. 9CD>`-wr* http_server_home/conf/httpd.conf D~?<,"ZD~)2mS
TBP:
# WebSphere plugin settingsLoadModule ibm_app_server_http_module http_server/conf/WebSphere/mod_ibm_app_server_http.soWebSpherePluginConfig http_server/conf/WebSphere/plugin-cfg.xml
}g,dkTBZ]:
# WebSphere plugin settingsLoadModule ibm_app_server_http_module /opt/IBMHttpServer/conf/WebSphere/mod_ibm_app_server_http.soWebSpherePluginConfig /opt/IBMHttpServer/conf/WebSphere /plugin-cfg.xml
":7# WebSphere Application Server Fix Pack 2 920ZP WebSphere Web ~
qwe~DFczO#
114 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< E. S Tivoli Identity Manager 4.3 }6= Tivoli IdentityManager 4.5
>ZhvS9C WebLogic D Tivoli Identity Manager V4.3 +T0D}]M#=}6
=9C WebSphere Application Server D Tivoli Identity Manager V4.5#
*jI(F,WH+9C WebLogic D Tivoli Identity Manager V4.3 20}6=9C
WebLogic D Tivoli Identity Manager V4.5#K}L+}6 Tivoli Identity Manager V4.3
}]bM LDAP ?<,9.k Tivoli Identity Manager V4.5 f]#u<}6s,B2
0D9C WebSphere Application Server D Tivoli Identity Manager V4.5 +20Zm
bD20D~PP,;sxPdC#
*<0
S Tivoli Identity Manager V4.3 }6= Tivoli Identity Manager V4.5 0,k4PTB
Yw:
1. }6MdCyPtZVP Tivoli Identity Manager 73;?VDm~,TzcBD
Tivoli Identity Manager f>D*s#b|((F}]b0?<~qwr*|G20
9!#
2. Z?<~qw}6}LP,+(h Tivoli Identity Manager SwPDu?,TiR
V{. enrole(;xVs!4)#g{tT5|,V{. enrole,CV{.+|D
* itim#yPtTPDKV{.<+f;,+PZ
{ITIM_HOME}\data\enRoleUnchangedAttributes.properties D~PDtT}b#
Z*<4P}6}L0,k+ Tivoli Identity Manager 4.3 LDAP SwDZ]<v=
LDIF D~#Z LDIF D~PQwV{. enrole#g{zR=|,Z}6}LP;
&|DD5DtT1,k4PTBYw:
a. Z Tivoli Identity Manager 4.5 20}LPT LDAP ?<}6!qq#
b. `- {ITIM_HOME}\data\enRoleUnchangedAttributes.properties D~TmSt
T{F#
c. V/wC LDAP ?<}6#
3. 7#?<~qwQt/RZKP#
4. 8]yP10 Tivoli Identity Manager E",|(tTD~MdChC#b)D~
Z {ITIM_HOME}\data P#
5. 7#]RSPPDyPn<Qe}"RyPXVwHB~(ngVP-w)Q>
}#1S Tivoli Identity Manager V4.3 }6= Tivoli Identity Manager V4.5 1;
'V$ww#f#Z}6.04jIbvNqI\<B Tivoli Identity Manager V4.5
"TA!XVr]RB~(T02014(D)1vVl##
6. g{zZ9C Oracle, k7# Oracle 0 Oracle l}w~qQt/#
© Copyright IBM Corp. 2003 115
S9C WebLogic D Tivoli Identity Manager 4.3 }6=9C WebLogicD Tivoli Identity Manager 4.5
>Zhv+9C WebLogic D Tivoli Identity Manager 4.3 20}6=9C WebLogic
D Tivoli Identity Manager 4.5 20yXhD=h#XkjIK}6.s,E\209
C WebSphere Application Server D Tivoli Identity Manager 4.5#
1. wC Tivoli Identity Manager 4.5 WebLogic 20Lr,"Lx}#4P20r<1
=vV0zQ20 BEA WebLogic Server 7.0 p?1T0r#
2. %wq#
K1+T>0zkLx20p?1T0r#
3. %wG#
K1+T>0zF.ZN&20 WebLogic Server?1T0r#
4. %wB;=TS\1! WebLogic Server ?<#
K1+T>0!q20D~P1T0r#
5. dk Tivoli Identity Manager 4.3 Dw?<#
K1+T>0zk}6p?1T0r#
6. %wG#
K1+T>020}LPzk}6 LDAP ?<p?1T0r#
7. %wG#b+t/ LDAP ?<}6#
":(}!qq,zI!qZ20s}6 LDAP ?<#20s,kwC bin ?<
PD ldapUpgrade 5CLr#
#=|BjIs,+T>0}]b#=}6QjI1T0r#
8. %w7(#
LDAP }6jI1,+T>0QI&}6?<~qw#=M}]1T0r#
9C WebLogic D Tivoli Identity Manager 4.3 }6=9C WebLogic D Tivoli Identity
Manager 4.5 QjI#
209C WebSphere Application Server D Tivoli Identity ManagerV4.5
>ZhvZS9C WebLogic D Tivoli Identity Manager V4.3 xP}6b;X(OB
DP209C WebSphere Application Server D Tivoli Identity Manager V4.5 yXh
D=h#
1. wC Tivoli Identity Manager 4.5 WebSphere 20Lr,"Lx}#4P20r<
1=vV0!q20?<1T0r#
2. !q;vk-< Tivoli Identity Manager 4.3 20;,DD~P420 Tivoli Identity
Manager 4.5#}g,itim45#
K1+T>0!q}]b`M1T0r#
3. !q Tivoli Identity Manager 4.3 20y9CDVP}]b`M#
4. Lx4PdM20,1=T>0}]bdCLr1T0r#
5. %w!{#
116 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
K1+T>0?<dC1T0r#
6. %w!{#
K1+vV053dC$_1T0r#
7. !q0?<1!n("dkVP?<~qwD,SE"#
8. %wbTTi$dkD,SE"G}7D#
9. !q0}]b1!n("dkVP}]bD,SE"#
10. %wbTTi$dkD,SE"G}7D#
11. %w0J~1!n(#
K10J~1!n(0Z+r*#
12. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
13. %w7("jI20#
209C WebSphere Application Server D Tivoli Identity Manager 4.5 QjI#
dCB20
>ZhvjIS9C WebLogic D Tivoli Identity Manager 4.3 (F=9C WebSphere
Application Server D Tivoli Identity Manager 4.5 yXhDdC=h#kvZS9C
WebLogic D Tivoli Identity Manager 4.3 }6=9C WebLogic D Tivoli Identity
Manager 4.5 "jIT9C WebSphere Application Server D Tivoli Identity Manager
4.5 D20s,jI>ZPD=h#
1. + CustomLabels.properties S Tivoli Identity Manager 4.3 data SD~P4F=
Tivoli Identity Manager 4.5 data SD~P#
2. ^D Tivoli Identity Manager 4.5 enRole.properties D~PDTBtT,9.%d
f"Z Tivoli Identity Manager 4.3 enRole.properties PDtT:
v enrole.defaulttenant.id
v enrole.organization.name
=< E. S Tivoli Identity Manager 4.3 }6= Tivoli Identity Manager 4.5 117
118 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5
>ZhvgNS Tivoli Identity Manager V4.4.x }6= Tivoli Identity Manager V4.5#
>ZjvK%;~qwM:/ Tivoli Identity Manager dCD}6#
Tivoli Identity Manager }6}LIV*=vWN:
v }6X8m~#zXk}6MdCw*VP Tivoli Identity Manager 73;?VDy
Pm~E\zcB Tivoli Identity Manager f>D*s#b|((F}]b0?<~
qwr*|G209!#
v 9C Tivoli Identity Manager 20Lr20 Tivoli Identity Manager DBf># Tivoli
Identity Manager 20Lr+}6 Tivoli Identity Manager Bf>*9CD}]bm"
?<~qw#=MtTD~#
":
1. >ZPa)D}68>E"Y(z+20MdC WebSphere Application Server V5.0
DB20,R|k WebSphere Application Server V4.0 2f#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}\properties\wsadmin.properties PD com.ibm.ws.scripting.port D5k
TBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
g;P%dD5,Tivoli Identity Manager ?pM Tivoli Identity Manager/WebSphere
Application Server dC+'\#
g{z;k#t WebSphere Application Server V4.0 D20,rXk9C WebSphere
Application Server V4.0 6XLrV/6X|#
2. g{zrc9C Tivoli Identity Manager V4.5 20Lr420 WebSphere Application
Server V5.0,rXk6XTBz7:
v WebSphere Application Server 4.0
v IBM MQSeries
v IBM MQSeries 'V| MA88
3. }6.s,H0DsFMU>}]I\kB}]^X#
*<0
S Tivoli Identity Manager V4.4.x }6= Tivoli Identity Manager V4.5 0,k4PT
BYw:
1. 8]yP10 WebSphere Application Server dChC,|( Tivoli Identity Manager
4.4.x DhC#b)D~Z {WAS_HOME}\config P#
2. 8]yP10 Tivoli Identity Manager E",|(tTD~MdChC#b)D~
Z {ITIM_HOME}\data P#
3. 8]?<~qw#kNDT&ZzDz7DD5#
4. 8]}]b#kNDT&ZzDz7DD5#
© Copyright IBM Corp. 2003 119
5. 7#2073zcr,} Tivoli Identity Manager V4.5 hs#kNDZ 95 3D=
< B, :kT Windows Dm~M2~*s;#
6. }6?<~qwM}]bm~Tzc Tivoli Identity Manager V4.5 D20hs#k
NDZ 95 3D=< B, :kT Windows Dm~M2~*s;#
7. 7#]RSPPDyPn<Qe}"RyPXVwHB~(ngVP-w)Q>
}#S Tivoli Identity Manager V4.4 }6= Tivoli Identity Manager V4.5 1;'
V$ww#f#Z}6.04jIbvNqI\<B Tivoli Identity Manager V4.5 "
TA!XVr]RB~(T02014(D)1vVl##
8. <8 WebSphere Application Server 73.kNDZ 99 3D:<8 WebSphere
Application Server 20;#
9. g{JC,kXU:/#
}6%;~qwdC
>Z|(}6 Tivoli Identity Manager %;~qwdC}L#jIV*TBNqiD}
L:
1. 20 WebSphere Application Server Base 5.0#kNDZ 102 3D:Z?vZcO2
0 WebSphere Application Server Base;Tq!}LE"#vTNNX(Z xg?
p\mwr:/DE"#
2. S Tivoli Identity Manager 4.4.x }6= 4.5#kND:S Tivoli Identity Manager
4.4.x }6= 4.5;Tq!}LE"#
S Tivoli Identity Manager 4.4.x }6= 4.5>Z|(S Tivoli Identity Manager 4.4.x }6= 4.5 D}L#
1. t/ Tivoli Identity Manager 20Lr:
instW2K-WAS.exe
K106-10Z+r*#
2. !q!1DoT"%w7(#
K10mI$-i10Z+r*#
3. DAmI$-i"7(GqS\dun#g{S\,k!qS\"%wB;=#
K10!q20`M10Z+r*#
4. !q%;~qw"%wB;=#
K10!q20?<10Z+r*#
5. %w!q...."!q Tivoli Identity Manager 4.4.x w?<#
6. %wB;=#
K1vV0zkS 4.4 }6= 4.5 p?1T0r#
7. !qG#
K1vV0WebSphere ;C7O1T0r#
8. 7O WebSphere w?<;C"%wB;=#
K1vV0!q WebSphere 2+T1T0r#
9. 7( WebSphere +V2+TZzD53PGq*n/D#g{ WebSphere +V2
+T&Zr*4,,r%w tC WebSphere 2+T,qr!q{C WebSphere
120 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
2+T#g{!q0tC WebSphere 2+T1"%wB;=,+mbvV;v0
Z,*sz8( WebSphere Application Server C'j6M\k#PX|`E",
kNDZ 107 3D=< D, :2+T<G;#
K1+vV08(S\\?1T0r#
10. a)S\\?"%wB;=#
K1+vV0$20**1T0r#
11. %w20#
K1+vV053dC$_1T0r#
12. %w0J~1!n(#
K10J~1!n(0Z+r*#
13. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
14. %w7("jI20#
":
1. }6}L&CqCT0dCD}]bT0 LDAP ~qw8kDE"#g{z^(,
S=b)J4,IT9C053dC$_1*b)53XBdC,StT#kND
Tivoli Identity Manager Server Configuration Guide,Tq!53dC$_E"#
2. g{Z20ZdSU=XZ enrole.ear D~Dms{",xg?p\mw I\;
\,S= SOAP KZ#k7#* SOAP dCDKZGZ WebSphere 5.0 20Zd
dCDKZ#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}\properties\wsadmin.properties PD com.ibm.ws.scripting.port D5k
TBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
g;P%dD5,Tivoli Identity Manager ?pM Tivoli Identity Manager/WebSphere
Application Server dC+'\#
}6:/dC
>Z|(}6 Tivoli Identity Manager :/dCD}L#b)}LVITBwNqi:
1. *:/dC20MdC WebSphere i~:
a. 20 WebSphere Application Server xg?p#kNDZ 100 3D:20
WebSphere Application Server xg?p;Tq!}LE"#
b. 20 IBM HTTP Server M Web e~i~#kNDZ 101 3D:20 IBM HTTP
Server M WebSphere Web ~qwe~;Tq!}LE"#
c. Z(z~qwO20 WebSphere Application Server Base 5.0#kNDZ 102 3
D:Z?vZcO20 WebSphere Application Server Base;Tq!}LE"#
d. dC:/73#kNDZ 100 3D:dC Tivoli Identity Manager :/;Tq!
|`E"#
2. * xg?p\mw53+ Tivoli Identity Manager 4.4.x }6= 4.5#kNDZ 122
3D:* xg?p\mw53+ Tivoli Identity Manager 4.4.x }6= 4.5;Tq!
}LE"#
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5 121
3. *I1Zc53+ Tivoli Identity Manager 4.4.x }6= 4.5#kNDZ 123 3D:*
I153+ Tivoli Identity Manager 4.4.x }6= 4.5;Tq!}LE"#
* xg?p\mw53+ Tivoli Identity Manager 4.4.x }6=
4.5>Z|(Zw\ xg?p\mw53D53OS Tivoli Identity Manager 4.4.x }6=
4.5 D}L#
":WebSphere Application Server xg?p 5.0 I0k= Tivoli Identity Manager 4.4.x
w~qwr(z~qwP#
1. Z xg?p\mwFczOt/ Tivoli Identity Manager 20Lr:
instW2K-WAS.exe
K106-10Z+r*#
2. !q!1DoT"%w7(#
K10mI$-i10Z+r*#
3. DAmI$-i"7(GqS\dun#g{S\,k!qS\"%wB;=#
K10!q20`M10Z+r*#
4. !q:/"%wB;=#
K10X*E"10Z+r*#
5. %wB;=#
K10!q20?<10Z+r*#
6. %w!q...."!q Tivoli Identity Manager 4.4.x w?<#
7. %wB;=#
K1+vV0zkS 4.4 }6= 4.5 p?1T0r#
8. !qG#
K10!q:/Zc`M10Z+r*#
9. !qZc`MD xg?p\mw"%wB;=#
K1+vV0WebSphere ;C7O1T0r#
10. 7O WebSphere w?<;C"%wB;=#
K1+vV0!q:/{F1T0r#
11. a)Z xg?p\mwZ4(D:/{F#
12. %wB;=#
K1+vV0!q WebSphere 2+T1T0r#
13. 7( WebSphere +V2+TZzD53PGq*n/D#g{ WebSphere +V2
+T&Zr*4,,r%w tC WebSphere 2+T,qr!q{C WebSphere2+T#g{!q0tC WebSphere 2+T1"%wB;=,+mbvV;v0
Z,*sz8( WebSphere Application Server C'j6M\k#PX|`E",
kNDZ 107 3D=< D, :2+T<G;#
K1+vV08(S\\?1T0r#
14. a)S\\?"%wB;=#
K1+vV0$20**1T0r#
122 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
15. %w20#
":g{Z20ZdSU=XZ enrole.ear D~Dms{",xg?p\mw I
\;\,S= SOAP KZ#k7#* SOAP dCDKZGZ WebSphere 5.0
20ZddCDKZ#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}\properties\wsadmin.properties PD com.ibm.ws.scripting.port D
5kTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
g;P%dD5,Tivol i Ident i ty Manager ?pM Tivol i Ident i ty
Manager/WebSphere Application Server dC+'\#
K1+vV053dC$_1T0r#
16. %w0J~1!n(#
K10J~1!n(0Z+r*#
17. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
":0Identity Manager ~qw URL1VN5Gz(;h|DD5#zITZK1
a)d|053dC$_1!n(D=SE"#
18. %w7("jI20#
":}6}L&CqCT0dCD}]bT0 LDAP ~qw8kDE"#g{z^(,
S=b)J4,IT9C053dC$_1*b)53XBdC,StT#kN
D Tivoli Identity Manager Server Configuration Guide,Tq!53dC$_E"#
*I153+ Tivoli Identity Manager 4.4.x }6= 4.5>Z|(Z:/I153PS Tivoli Identity Manager 4.4.x }6= 4.5 D}L#
":WebSphere Application Server xg?p 5.0 I0k= Tivoli Identity Manager 4.4.x
w~qwr(z~qwP#
1. ZI1ZczwOt/ Tivoli Identity Manager 20Lr:
instW2K-WAS.exe
K106-10Z+r*#
2. !q!1DoT"%w7(#
K10mI$-i10Z+r*#
3. DAmI$-i"7(GqS\dun#g{S\,k!qS\"%wB;=#
4. %wB;=#
K10!q20`M10Z+r*#
5. !q:/"%wB;=#
K10X*E"10Z+r*#
6. %wB;=#
K10!q20?<10Z+r*#
7. %w!q...."!q Tivoli Identity Manager 4.4.x w?<#
=< F. S Tivoli Identity Manager V4.4.x }6= V4.5 123
8. %wB;=#
K1+vV0zkS 4.4 }6= 4.5 p?1T0r#
9. !qG#
K10!q:/Zc`M10Z+r*#
10. !qZc`MD0:/I11"%wB;=#
K1+vV0WebSphere ;C7O1T0r#
11. 7O WebSphere w?<;C"%wB;=#
K1+vV0!q:/{F1T0r#
12. a)Z xg?p\mwZ4(D:/{F#
13. %wB;=#
K1+vV0!q WebSphere 2+T1T0r#
14. 7( WebSphere +V2+TZzD53PGq*n/D#g{ WebSphere +V2
+T&Zr*4,,r%w tC WebSphere 2+T,qr!q{C WebSphere2+T#g{!q0tC WebSphere 2+T1"%wB;=,+mbvV;v0
Z,*sz8( WebSphere Application Server C'j6M\k#PX|`E",
kNDZ 107 3D=< D, :2+T<G;#
K1+vV08(S\\?1T0r#
15. a)S\\?"%wB;=#
K1+vV0$20**1T0r#
16. %w20#
":g{Z20ZdSU=XZ enrole.ear D~Dms{",xg?p\mw I
\;\,S= SOAP KZ#k7#* SOAP dCDKZGZ WebSphere 5.0
20ZddCDKZ#
ZP=v WebSphere Application Server 202fD73P,zh7#Z
{WAS_HOME}\properties\wsadmin.properties PD com.ibm.ws.scripting.port D
5kTBD~PD server1 D SOAP_CONNECTOR_ADDRESS BDKZ%d:
{WAS_HOME}\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
g;P%dD5,Tivol i Ident i ty Manager ?pM Tivol i Ident i ty
Manager/WebSphere Application Server dC+'\#
K1+vV053dC$_1T0r#
17. %w0J~1!n(#
K10J~1!n(0Z+r*#
18. +0Identity Manager ~qw URL1VND5|D*zD~qwD URL 5"%w
&C#
":0Identity Manager ~qw URL1VN5Gz(;h|DD5#zITZK1
a)d|053dC$_1!n(D=SE"#
19. %w7("jI20#
":}6}L&CqCT0dCD}]bT0 LDAP ~qw8kDE"#g{z^(,
S=b)J4,IT9C053dC$_1*b)53XBdC,StT#kN
D Tivoli Identity Manager Server Configuration Guide,Tq!53dC$_E"#
124 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< G. 6X Tivoli Identity Manager
Tivoli Identity Manager 6X}L+6XTBwn:
v Tivoli Identity Manager,|,Z Tivoli Identity Manager 20}LP4F=?j53
DyP {ITIM_HOME} D~
v Z WebSphere Application Server O* Tivoli Identity Manager 4(D Tivoli Identity
Manager &CLrMdChC
6X Tivoli Identity Manager ;a^DVP}]bmr?<~qw#=#Tivoli Identity
Manager 6XLr+S WebSphere Application Server P}% Tivoli Identity Manager
&CLr#
*6XI\Z Tivoli Identity Manager 20}LP20Dd|z7,ng WebSphere
Application Server r IBM HTTP Server,kNDT&ZCz7DD5#
":g{S:/dC6X Tivoli Identity Manager,kHSyP:/I1}% Tivoli
Identity Manager,YS0P xg?p\mwDFczP}% Tivoli Identity
Manager#
*<0
g{Z6X Tivoli Identity Manager 0rc#f WebSphere PD Tivoli Identity Manager
dCE",k8] WebSphere dCD~#
1. t/ WebSphere Application Server#XZt/K~qwD|`E",kNDI
WebSphere Application Server a)DD5#
2. Zw\ WebSphere Application Server DFczOKPTB|n4Fw;v8]D~:
{WAS_HOME}\bin\backupConfig.bat
K|n4(;v|,yP10 Tivoli Identity Manager dChCD9uD~,ng
WebSphereConfig_2003–07–10.zip#KD~4(ZzKP backupConfig |nD?<
P#
":*4-dChC,kKPTB|n:
{WAS_HOME}\bin\restoreConfig.bat WebSphereConfig_datevalue.zip
":
1. g{*S:/dC6X Tivoli Identity Manager,k7# xg?p\mw}ZKP#
mb,*K,V&CLr~qwM xg?p\mw.dD(E,Z4P6X}L.
09&i$ZczmLr}Z53OKP#
2. g{;P JVM 1.3 D>X1>r;P>XD WebSphere Application Server Base 2
0$tZ53O,rS xg?p\mw536X Tivoli Identity Manager 1av=
J b # Z b V i v B , z I T 2 0 ; v J V M 1 . 3 > X 1 > , r | B
<ITIM_HOME>/itimUninstallerData/Uninstall ITIM.lax LAX D~D JVM (e#
k+BP:
lax.nl.current.vm=\java\bin\javaw.exe
© Copyright IBM Corp. 2003 125
|D*
lax.nl.current.vm=<was_ndm_home>\java\bin\javaw.exe
6X Tivoli Identity Manager D=h
*6X Tivoli Identity Manager,k4PTBYw:
1. Z0P Tivoli Identity Manager DFczOKPTB|nT6X Tivoli Identity
Manager &CLr:
{ITIM_HOME}\itimUninstallerData\Uninstall_ITIM
2. Lx4P6Xr<fe,T7Oz#{6X Tivoli Identity Manager#
3. Z6XI&jIs,SD~53}% Tivoli Identity Manager DyPfZD?<"
dCD~MU>D~#
Tivoli Identity Manager 6XLr9}%?pZ WebSphere Application Server D Tivoli
Identity Manager &CLr#
*i$ Tivoli Identity Manager QS WebSphere Application Server w*&CLr;6
X"}%,k4PTBYw:
1. t/ WebSphere Application Server \mXF("G<#
2. S<=wP,/@?jZc"%wZ|.BDs5&CLr4S#
K1+T>;v20Z&CLr~qwODs5&CLrDPm#g{z4={*
enRole D&CLrPZdP,r Tivoli Identity Manager 6XLr4\T/S
WebSphere Application Server }% Tivoli Identity Manager &CLr#zITV/
}%&CLr#g{ZPmP4R= enRole &CLr,r Tivoli Identity Manager
6XLrQS WebSphere Application Server PI&}%K Tivoli Identity Manager
6XLr#
*S WebSphere Application Server w*&CLrV/}% Tivoli Identity Manager,
k4PTBYw:
1. t/ WebSphere Application Server \mXF("G<#
2. S<=wP,/@?jZc"%wZ|.BDs5&CLr4S#
K1+T>;v20Z&CLr~qwODs5&CLrDPm#
3. !q enRole &CLrT_D4!r#
4. %w#94%#
5. 1I	 enRole &CLr1,k!q enRole &CLrT_D4!r#
6. %w6X4%#
7. li enrole.ear ?<Qj+S
{WAS_HOME}\AppServer\config\cells\servername\applications }%#
8. }% {WAS_HOME}\AppServer\logs PD itim.log#
":Z:/73P,;)S xg?p\mw53}% Tivoli Identity Manager,Tivoli
Identity Manager T:/+;YIC#(}q-TOyPDV/6X&CLrD8>
E",zITS%v:/I1P}% Tivoli Identity Manager#
126 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
=< H. yw
>E"G*Z@za)Dz7M~q`4D#IBM I\Zd|zRrXx;a)>D5
PV[Dz7"~qr&\XT#PXz10yZxrDz7M~qDE",krz
1XD IBM zmI/#NNT IBM z7"Lrr~qD}C"GbZw>r5>;
\9C IBM Dz7"Lrr~q#;*;V8 IBM D*6z(,NN,H&\Dz
7"Lrr~q,<ITzf IBM z7"Lrr~q#+G,@@Mi$NNG IBM
z7"Lrr~q,rIC'TP:p#
IBM +>I\Q5Pr}Zjkk>D5Z]PXDwn({#a)>D5"4ZhC
'9Cb)({DNNmI$#zITCif==+mI$i/Dy:
IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.
PX+VZ(DBCS)E"DmI$i/,kkzyZzRrXxD IBM *6z(?E
*5,rCif==+i/Dy:
IBM World Trade Asia CorporationLicensing2-31 Roppongi 3-chome, Minato-kuTokyo 106-0032, Japan
>un;JC"zrNNbyDunk1X(I;;BDzRrXx:zJL5zw
+>T04V41Dy!a)>vfo,;=PNNN=D(^[Gw>D,9G,
>D)#$,|((+;^Z)TGV(T"JzTMJCZ3X(C>D,>#
$#3)zRrXxZ3);WP;Jmb}w>r,>D#$#rK>unI\;
JCZz#
>E"PI\|,<u=f;;<7DX=r!"ms#K&DE"+(Z|D;b
)|D+`k>vfoDBf>P#IBM ITf1T>vfoPhvDz7M/rLr
xPDxM/r|D,x;mP(*#
>E"PTG IBM Web >cDNN}C<;G*K=cp{Ea)D,;TNN==
d1TG) Web >cD#$#C Web >cPDJO;G IBM z7JOD;?V,
9CG) Web >cx4DgU+IzTPP##
IBM IT4|O*J1DNN==9CrV"zya)DNNE"x^kTzP#NN
pN#
>LrD;mI=g{*KbPXLrDE"To=gB?D:(i)JmZ@"4(
DLrMd|Lr(|(>Lr).dxPE";;,T0(ii)JmTQ-;;DE
"xP`%9C,kkBPX7*5:
IBM Corporation2ZA4/10111400 Burnet Road
© Copyright IBM Corp. 2003 127
Austin, TX 78758U.S.A.
;*qXJ1Du~Mun,|(3)iNBD;(}?D6Q,<IqCb=fD
E"#
>JOPhvDmILr0dyPICDmIJOyI IBM @] IBM M'-i"IBM
zJLrmI$-irNN,H-iPDuna)#
K&|,DNNT\}]<GZ\X73PbCD#rK,Zd|Yw73PqCD
}]I\aPwTD;,#P)b?I\GZ*"6D53OxPD,rK;#$k
;cIC53OxPDb?a{`,#Kb,P)b?G(}Fcx@FD,5Ja
{I\aPnl#>D5DC'&1i$dX(73DJC}]#
f0G IBM z7DE"ISb)z7D)&L"dvf5wrd|I+*qCDJO
Pq!# IBM ;PTb)z7xPbT,2^(7OdT\D+7T"f]TrNN
d|XZG IBM z7Dyw#PXG IBM z7T\DJb&1rb)z7D)&L
av#
Lj
TBuoGzJL5zw+>Z@zM/rd|zRrXxDLjr"aLj:
AIX
DB2
IBM
IBM Uj
SecureWay
Tivoli
Tivoli Uj
Universal Database
WebSphere
Lotus G Lotus Development Corporation M/r IBM +>D"aLj#
Domino GzJL5zw+>M Lotus Development Corporation Z@zM/rd|zR
rXxDLj#
Microsoft"Windows"Windows NT M Windows UjG Microsoft Corporation Z@z
M/rd|zRrXxDLj#
UNIX G The Open Group Z@zMd|zRrXxD"aLj#
Java™ 0yPyZ Java DLjMUjG Sun Microsystems,
Inc. Z@zMd|zRrXxDLjr"aLj#
d|+>"z7M~q{FI\Gd|+>DLjr~qjG#
128 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Jcm
2A3
2+WSVc(secure socket layer,SSL): CZ(}
rXx+d=KD5D-i#SSL D$w-mG9C(C
\?S\(} SSL ,S+dD}]#
2B3
;ksTs(requestee): ksa;ykTDK1#
p{(alias): C'm],(#F*C'j6#C'IT
PtIp{,}g:GSmith M GWSmith#
"C8n(join directive): (e1=vr`v)&_T
"ze;1gN&mtTD;ifr#
;JmDYw(disallowed action): ;iCZ-wDN
},(eZ3K;;JmT!(~q5PJ',+ Tivoli
Identity Manager ~qw"VKbyDJ'1*I!DY
w#KN}vZ0li_T14!r!P1P'#
2C3
Nk_(participant): Zm]\mP,P(l&(}$
ww}fa;DksDK1#Nk_I;j6*ve"G
+r(}9C(F JavaScript E>(e#
Yw(f(operation report): 4Yw`M"UZ"Y
wks_MYwksTsPv Tivoli Identity Manager Yw
ksD(f#
_T5)(policy enforcement): Tivoli Identity
Manager 53'Vr;'V%4)&_TDJ'D==#
_T(policy): Z Tivoli P,&CZ\\J4D;if
r#}g,_TI&CZ\krC'T<CJDJ4#
i/(query): ^F-wT5XO!ViD==#
2D3
}&mPm(to do list): QVdxC'*sjID;i
Ywn#
zm(delegate): ;8(*:pTd{C'z<ksr
a)ksE"Dve#
gSmq(electronic form): gSmqw*#eCT(
e;ksDCJDwvN}#
2F3
6'(scope): _T\0lD6'#
(#,6'(e*%vwrSw#16'(e*%vw
1,_Tv0l|(eyZ,;V'PD5e#16'(
e*Sw1,_T0l|(eyZDV'0dp4V'S
tDyPd|V'#
CJXFE"(access control information,ACI): j
6irweCJ(D}]#km{CJXF(access
control)#
CJ(access): 9Cf"ZFcz53ODE"r}]
DX(#
Gn/J'(inactive account): Z53PfZ+J'
yP_4Z9CDJ'#
V'(branch): i/wZD?;cyF*V'#wP?
V`MDV'I;,D<jm>#(}%wV'T_DS
E(+)Ii4xPSV'DV'Z]#
~q!q_T(service selection policy): 7(Z)&
_TP9CDV~qD JavaScript }Kw#
~q(service): ~qwr`Xm~P4Pw*&\DL
r#
4-(restore): XB$n]RDJ'#
2G3
vKE"(personal information): C'DvKE"#
b)E"I|(U"{"R%X7"g0Ek"gSJ~
X7"l+Rg0Ek"w\KU{H#
2mX\(shared secret): CZlwC'u<\kTc
CJ Tivoli Identity Manager 53DS\5#C5ZC'D
vKE"nu0k=531(e#
)&_T(provisioning policy): (eCJwV`MD
\\~q(ng Tivoli Identity Manager rYw53)D_
T#CJ(HIZhyPK,2IyZK1Di/G+4
Zh#CJ2IXpZ(xGNNi/G+I1DK1#
)&(provision): Zi/PhCM,$T53DC'C
J#
$ww(workflow): 4s55qwL4PDn/rP#
© Copyright IBM Corp. 2003 129
B_L(B_LJ')(orphan,orphan accounts):
Z Tivoli Identity Manager 53P;\7(dJ'yP_D
6LJ4ODJ'#
X|V(keyword): ZQw1j6_TDw}u?#
\mr(admin domain): Tivoli Identity Manager 5
3Pi/DVx,|,dTmD_T"~qM ACI H#?
v\mr<ITP\m1,+K\m1;\\mri4d
|\mrD_T"~qM ACI#
2H3
n/J'(active account): QfZR}IyP_CZ
CJJ4DJ'#
2J3
2,i/G+(static organizational role): ;\V/
VdDi/G+#
\x(f(rejected report): 4UZ"ksYw_Mk
sYwTsPv;\xksD(f#
2K3
X~`M(control type): zmC'gfOVN`MD
Java `M`D5}#
2M3
\k_T(password policy): (eyP\kXkzc
DN}/(ng$H"JmM;JmDV{`M)Df
r#
\kP'Z^(password expiration period): ZC'
;?F|D\k0\kI9CD1d#
\k(password): ZFczMxg2+TP,IC'd
kR;53O$DX(V{.,|JmC'qCT53T
0f"ZdPDE"DCJ(#
?<~qjGoT(Directory Services MarkupLanguage,DSML): ;V XML 5V,*Z;,D?
<53PhvM2m?<~qE"a)(Cq=#
2P3
>$(credential): C'DC'j6M\kE",I(}
9C|G4CJJ'#
2Q3
){(^(signature authority): z<r\xa;=$
ww}fDksD(^#1C'rC'iZ$wwhFP
8(*Nk_r}6Nk_1,Zh{G){(^#
ksK(requestor): a;ksDK1#
ks(request): Tivoli Identity Manager 53Pksz
<rE"DYwn#
2R3
O$PD(Certificate Authority,CA): )"$iDi
/#O$PDxp$iyP_Dm]0yP_;Z(9C
D~q")"BD$i"x)VP$i"7z;Y;Zh
9C(DC'ytD$i#
O$(authentication): j6veD}L((#yZC
'{M\k)#Z2+T53P,O$kZ(G;,D,
Z(GyZveDm]Zh{GCJ53TsD}L#O
$v7#veG{r}yywDGy,+TveDCJ(
;wNN5w#
2S3
m]_T(identity policy): Tivoli Identity Manager 5
3(egN4(C'j6Dfr#
sFzY(audit trail): x(1dNZFcz53BqD
G<#
}6Nk_(escalation participant): Zm]\mP,
P(TNk_Z8(}61dZ;Pl&Dkswvl&
DK1#}6Nk_I;j6*ve"G+r(}9C(
F JavaScript E>j6#
}61^(eacalation limit): Nk_XkZ}6"z0
l&ksD1d(Tl}"!1"VVrk*%;)#
5e(entity): 1)PXE";f"DK1rTs#
2)TBwV`PD;V,Tivoli Identity Manager 53P+
}CTBw`:
v Person
v BPPerson
v Organization
v BPOrganization
Z(yP_(authorization owner): IZdytDi/
%*OBDP(eCJXFE"(ACI)DC'i#
130 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Z((authorization): ZFcz2+TP,(^;Zh
C',9CC'kFcz53xP(Er9CFcz5
3#Z(GZhC'TTs"J4r&\j+r\^FD
CJ(D}L#
s`}Fcz2+T53GyZ==jID}L#Z;W
NGO$,7#C'G{r}yywDGy#Z~WNG
Z(,y]C'Dm]JmC'CJwVJ4#
Z((entitlement): 2+\mPD}]a9"~qrz
m_TE"D;itT#
tT5)(attribute enforcement): 53\m1(eJ
'yhtT0G)tTDP'5D}L#
}V$i(digital certificate): CZ2+T?DDgS
{"=~#
yP_(owner): Z Tivoli Identity Manager 53P5
PJ'r~qDK1#
2T3
aJ&p(challenge response): 1C'G<xg1*
sC'(}a)vKE"X&a>Ti$dm]DO$=
(#
2W3
4vks(pending requests): Qa;=53+P4j
IDks#
;C(location): ImS=i/PD;V=t5e#(
#,*Ki/\m?D4_-==VtXm;C1aC=
;C#
2X3
53\m1(system administrator): ICJ53Py
PxrDve#
Z Tivoli Identity Manager 53Pa)K$dCD ITIM
i#K ITIM ihF*IZhI1nsD53CJ(#\m
1 ITIM iDI1C'ICJyP53&\M}]#
zJ(de-provision): }%~qri~#}g,z%J
'b6ESJ4P>}J'#
-w(f(reconciliation report): PvTns;N4
P-wpR=DB_LJ'D(f#
-w(reconciliation): HOPk}]bk\\zm53
DE"0j6=_dnlD}L#
E"ks(request for information,RFI): Zm]\
mP,S8(Nk_ks=SE"DYwn,bG$ww
PDXh=h#
2Y3
5q%;(business unit): i/D=t5e#
5qoiI1(business partner person): 5qoi
i/PDI1#
5qoii/(business partner organization): I
mS=i/PD;V=t5e#(#,5qoii/C4
j6P|L")&Lrd|G1SM1+I\h*CJ+
>J4DveDi/#
QjIDks(completed requests): Qa;=53R
jIDks#
C'(f(user report): 4UZ"Ywks_kYwk
sTsPvyP Tivoli Identity Manager YwD(f#
C'gf(user interface,UI): C'k53;%9C
DT>gf
C'`(u s e r c l a s s ): ;V L D A P `,ng
inetorgperson r BPPerson#
C'{(user name): C'CZCJ53Dj6#Kj
6,12r53j6C',"Jm53y]wV;,i/
G+M ITIM iPDC'I1Jq7(C'DCJ(#
C'(user): k53;%DNNK#
r\m1(domain administrator): I(ek\mRv
ZdT:D\mrP(ek\m)&5e"_T"~q"
$ww(e"G+0d\mrZC'D\m1#
<x(constraint): TN}r_TD^F#
2Z3
]R(suspend): !{$nJ'9CJ'yP_;\G
<=J4DYw#
J'(f(account report): PvwK1"dX*J'
T0J'GqqS10_THE"D(f#
J'(account): (eC'G<E"MCJXFE"D
;iN}#
Pk}]b(central data repository): CZG<Mf
"C'}]0yPQ"aC'DCJX(}](|(Bq
M,$G<)D}]b#
Jcm 131
w\K(supervisor): Z Tivoli Identity Manager 53
P8(*5q%*yP_DK1#
J4)&\m( R P M , r e s o u r c e p r o v i s i o n i n gmanagement): iOK}vX|*X - 5q_-"$
ww\mMV<zmLrD\m-m,b}v*XaOZ
;pTC'CJE"k5qJ4a)/P)&\m#
J4(resource): Tivoli m~\mD2~"m~M}]
5e#km{\\J4(managed resource)#
SxL(subprocess): w*m;$wwhFD;?V*
<D$wwhF#
i/%*(organizational unit): i/Z(eDCZ+
i/8V*|P{Z\mDiDC'MJ4we#C';
j+Vd=;vi/%*#J42j+;Vd=;vi/
%*,}G|GTZi/(e*+VJ4#
i/G+(organizational role): Zm]\mP,C4
7(Z(CJwV\\J4D_TI1JqDtT#
i/w(organization tree): i/DcNa9,a)4
("CJMf"i/E"D_-;C#
i/(organization): Zm]\mP,`1@"DC'
MJ4we#d;i/.dDJ42mGI\D,+Gi
/.dD/I6p`TOM#(#,;vi/zm;v+
>#
A
ACI ?j(ACI target): \ ACI XFD;i5e#
ACI 4(ACI origin): i/wP ACI 4(yZDV'#
D
DSML m])x(DSML identity feed): Tivoli Identity
Manager D}V1!~q`M.;#
DSML m])x~qSK&J4}]brD~<kC'}
]"r Tivoli Identity Manager ?<)xb)E"#K~q
IT4TB=V==PD;VSUE":-wr4-ks
D(*#
H
HR )x(HR feed): Tivoli Identity Manager 53S
K&J4}]brD~<kC'}]DT/}L#kND
DSML m])x(DSML identity feed)#
I
ITIM i(ITIM group): Tivoli Identity Manager ~qw
ZDC'i#
I'F ITIM i9(53CJM\m#;x,XkH*vK
)& ITIM J'E\+CC'Vdx ITIM i#;) ITIM
J')&x3K,KKMG ITIM C'K"\Sk= ITIM
iP#
T
Tivoli Identity Manager zmLr(Tivoli IdentityManager Agent): Z?j\\53M Tivoli Identity
Manager ~qwdDG\SZ#|d1IEDib\m1,
"RG*;C'ksT0a)wV?j532+CJdC
DX|i~#
Tivoli Identity Manager ~qw(Tivoli IdentityManager Server): hFCZ?pyZ_TD)&bv=
8Dm~M~q|#
132 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
w}
[A]20
XBt/:/ 84
U>
%;~qw 53
:/ 82
3r
%;~qw 37
d|dC 44, 74
:/ 64
!q}]b 39, 67
IBM HTTP Server 101
Oracle
AIX 16
Solaris 17
Windows 18
SQL Server 2000 20
Tivoli Identity Manager ~qw
%;~qw 29
wL<,%;~qw 36
wL<,:/ 63
:/ 57
T/D 29
WebSphere Application Server xg?p 100
WebSphere Application Server Base 102
20?<
IBM HTTP Server VN 35
WebSphere 6k={"+]'V 35
WebSphere Application Server VN 34
WebSphere Application Server Base VN 62
[B]X8m~
4(
:/ 59
%;~qw
\m(^ 30, 57
?<~qw 29
}]b 29
*r* WebSphere +V2+Tp? 30
~qw
IBM HTTP Server 96
WebSphere Application Server xg?p 96
WebSphere Application Server Base 96
$wm
%;~qw 31
:/ 58, 59
lb
IBM HTTP Server 29
X8m~ (x)
lb (x)
WebSphere 6k={"+]'V 29
WebSphere Application Server 29
:/
ZczmLr 57
?<~qw 57
}]b 57
xg?p\mw 57
HTTP a0VCT 84
JMS ~qw 57
WebSphere Application Server Base 57
D5 v
T/20,%;~qw 29
w* root D(^ 57
IBM HTTP Server
T/20,%;~qw 29
root C' 57
WebSphere 6k={"+]'V
T/20,%;~qw 29
WebSphere Application Server Base
T/20,%;~qw 29
Windows OD\m(^ 30
`F IBM DB2 }]bD?< 14
[C]Yw53
Windows 2000 Advanced Server 'VD 95
c
$ww(WF) 6, 59
C'gf(UI) 6, 59
w*&\S/D(e 6
vfo
X8m~ v
(z!n vii
9CD<( vii
`X vi
Z_CJ vii
IBM DB2 vi
IBM Directory Server vi
IBM HTTP Server vi
Oracle vi
SQL Server 2000 vi
Sun ONE Directory Server vi
Tivoli Identity Manager v
Web zm~qw vi
WebSphere 6k={"+]'V vi
WebSphere Application Server vi
u<]?,}]bXVN 32, 60
VeD> vii
© Copyright IBM Corp. 2003 133
[D]%Zc,J2EE 2+TdC 107
%;~qw
20
d|dC 44
U> 53
3r 37
Tivoli Identity Manager ~qw 29
20wL< 36
X8m~
\m(^ 30, 57
?<~qw 29
}]b 29
*r* WebSphere +V2+Tp? 30
$wm 31
dC
20 29
WebSphere Application Server 4
%;:/dC
20 64
WebSphere Application Server 6
%*
mSZc 103
WebSphere Application Server 3
G<S1k},}]bXVN 33, 61
HmVMD> vii
KZ
e;,bv 25
?<~qwVN 33, 61
2809 25
8880 25
9043 25
9080 25
9090 25, 34
9090,bvk wsmserver De; 100
9091 34
9443 25
Bootstrap/rmi 25
SOAP ,Sw 26
WebSphere Application Server VN 34
KZE,}]bVN 32, 60
`Zc,J2EE 2+TdC 110, 111
[F]~qw
X8m~
IBM HTTP Server 96
WebSphere Application Server xg?p 96
WebSphere Application Server Base 96
V/20,:/ 99
T/20,%;~qw 29
~qw{F,WebSphere Application Server VN 34
(z!n,D5 vii
[G]&\:/dC
4c|{:/(UI,WF) 6, 59
WebSphere Application Server 7
$wm
%;~qw 31
:/ 59
$wwc,Tivoli Identity Manager 6
$w>wz{,WebSphere Application Server VN 34
\m(^,7#20.0 30, 57
\m(^,Windows 30
\m1j6,}]bVN 32, 60
\m1\k,}]bVN 32, 60
\m1\k,WebSphere Application Server VN 34
\m1C'j6,WebSphere Application Server VN 34
[H]:eX,* IBM DB2 4( 12
:eX,IBM DB2 12
[J]S\
\? 43, 73
WebSphere Application Server 35, 62
lbX8m~
IBM HTTP Server 29
WebSphere 6k={"+]'V 29
WebSphere Application Server 29
Zc
mS=%* 103
WebSphere Application Server 3
ZczmLr
7#t/"KP 104
WebSphere Application Server 3
Zc{,WebSphere Application Server VN 34
{C,J2EE 2+TdC 112
[L]*5'V vii
wL<
%;~qw20 36
:/20 63
[M]\k
?<~qwVN 33, 61
0secret1w*20sDu<5 36, 63
Tivoli Identity Manager VN 36, 63
|n
db2 catalog 14
134 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
|n (x)
db2 connect 12
db2 create 12
db2 create bufferpool 12
db2 force application all 13
db2 update 12
db2cmd 12
db2set 11
db2start 13
db2stop 13
usejdbc2 15
?<~qw
dC,u< 45, 75
VN
KZ 33, 61
\k 33, 61
1!i/L{F 33, 61
"Pf"x}? 33, 61
v?F} 34, 62
wz{ 33, 61
we DN 33, 61
i/{F 33, 61
nuDXs! 34, 62
nsXs! 33, 62
Identity Manager DN ;C 33, 61
[N]Zf;;ms,9C applheapsz 15
[P]dC
Ev 3
f. 3
?<~qw 45, 75
}]b 44, 74
IBM DB2 11
uo 3
IBM DB2
~qw 12
:eX 12
Z~qwO4(C' 13
Z:/FczO4(C' 14
applheapsz 15
JDBC }/Lr 14
IBM Directory Server
}Cj{T 22
V4.1 22
Oracle 19
SQL Server 2000 20
Sun ONE Directory Server 26
Tivoli Identity Manager
02+T1!n( 52, 81
0#f1!n( 46, 76
dC (x)
Tivoli Identity Manager (x)
0?<1!n( 47, 77
0U>G<1!n( 49, 79
0}]b1!n( 48, 78
0J~1!n( 50, 80
UI !n( 51, 81
WebSphere Application Server
%;~qw 4
%;:/ 6
&\:/ 7
9C Tivoli Identity Manager 9
[Q]+V2+T
dC 107
Z20.07(4, 30
itimadmin 109
wasadmin 109
WebSphere Application Server
hC 34, 41, 62, 71
53C'VN 35, 62
EJB C'VN 35, 63
1!i/L{F,?<~qwVN 33, 61
7#KPxL
9C runConfig(53dC) 54, 83
:/
20
d|dC 74
U> 82
3r 64
3r*s 57
Z....sXBt/ 84
Tivoli Identity Manager ~qw 57
20wL< 63
X8m~
ZczmLr 57
?<~qw 57
}]b 57
xg?p\mw 57
HTTP a0VCT 84
JMS ~qw 57
WebSphere +V2+T 107
WebSphere Application Server Base 57
I1
d|dC 74
nd:/ 59
xg?p\mw.sD203r 64
WebSphere Application Server 4
4(
Z20 Tivoli Identity Manager .0 59
$wm 59
Z xg?p\mw\mXF(O4( 103
WebSphere Application Server 3
:/{F,WebSphere Application Server VN 62
w} 135
[R]O$PD
~qwkzmLrD(E 56, 86
\'VD$i`M 56, 86
U>
%;~qw20 53
:/20 82
U>G<6p 35, 62, 63
[S]"Pf"x}?,?<~qwVN 33, 61
}6
%;~qwdC 120
dC 117
:/dC 121
}60 115, 119
IBM HTTP Server 121
Tivoli Identity Manager 115, 119
}]b
dC
u<D 44, 74
IBM DB2 11
Z20}LP!q 39, 67
VN
KZE 32, 60
\m1j6 32, 60
\m1\k 32, 60
}]b`M 32, 60
}]b{F 32, 60
}]bC' 32, 60
C'\k 32, 60
IP X7 32, 60
}]bX
u<]? 32, 60
G<S1k} 33, 61
ns]? 32, 61
}]bM'z,JDBC }/Lr 14
}]b`M,}]bVN 32, 60
}]b{F,}]bVN 32, 60
}]bC',}]bVN 32, 60
uo
%* 3
$ww(WF) 6
Zc 3
ZczmLr 3
:/ 3
:/I1 4
xg?p\mw 3
&CLr~qw 3
C'gf(UI) 6
jmsserver 9
WebSphere 6k={"+]'V 9
WebSphere Application Server 3
WebSphere Web ~qwe~ 4
3r
20,%;~qw 37
20,:/ 64
d|dC 44, 74
*s,:/20 57
[W]xg?p\mw
7#t/"KP 104
WebSphere Application Server 3
D5
(z!n vii
`X v, vi
Z_CJ vii
IBM DB2 vi
IBM Directory Server vi
IBM HTTP Server vi
Oracle vi
SQL Server 2000 vi
Sun ONE Directory Server vi
Web zm~qw vi
WebSphere 6k={"+]'V vi
WebSphere Application Server vi
[X]53C'VN,WebSphere Application Server 35, 62
^F
,`Yw53 9
UI,,;FczOD WF :/I1 9
WebSphere 6k={"+]'V 99
WebSphere Application Server D`v5},,;Fcz 9
`XD5 v, vi
1eD> viii
6X
Tivoli Identity Manager 125
#f WebSphere PDdCE" 125
=h 126
?<~qw#= 125
d|z7 125
}]bm 125
hs
IBM HTTP Server 96
WebSphere Application Server Base 96
!n(
2+T 52, 54, 81, 83
#f 46, 76
?< 47, 77
U>G< 49, 79
}]b 48, 78
J~ 50, 80
UI 51, 81
136 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
[Y]*s
/@w,v Windows 97
CA $i 56, 86
IBM DB2 95
IBM Directory Server 96
Microsoft SQL Server 95
Oracle 95
Sun ONE Directory Server 96
WebSphere Application Server xg?p 96
Windows 2000 Advanced Server 95
}Cj{T
IBM Directory Server 22
timdelref.conf 23
&CLr~qw,WebSphere Application Server 3
C' v
C'j6,Tivoli Identity Manager VN 36, 63
C'gfc,Tivoli Identity Manager 6
C'\k,}]bVN 32, 60
J~~qw{F 35, 62, 63
<(,vfoP vii
[Z]v?F},?<~qwVN 34, 62
'V,*5 vii
wz{,?<~qwVN 33, 61
we DN,?<~qwVN 33, 61
T/D,20%;~qwX8m~ 29
i/{F,?<~qwVN 33, 61
nuDXs!,?<~qwVN 34, 62
nsXs!,?<~qwVN 33, 62
ns]?,}]bXVN 32, 61
[XpV{]02+T1!n( 52, 81
0#f1!n( 46, 76
0?<1!n( 47, 77
0U>G<1!n( 49, 79
0}]b1!n( 48, 78
0J~1!n( 50, 80
0secret1w* Tivoli Identity Manager 20sDu<\k#
36, 63
[}V]2809
KZ 25
D~;C 25
8880
KZ 25
D~;C 26
9043
KZ 25
9080
KZ 25
9090
KZ 25, 34
k wsmserver DKZe;,bv 100
9091
KZ 34
9443
KZ 25
Aapplheapsz
Zf;;ms,|} 15
>},|B itimdb 12
BBootstrap/rmi KZ 25
CCA $i
*s 56, 86
${ITIM_HOME}/cert ?< 56, 86
CD 89
Ddb2 catalog,|n 14
db2 connect,|n 12
db2 create bufferpool,|n 12
db2 create,|n 12
db2 force application all,|n 13
db2 update,|n 12
db2cmd,|n 12
db2set,|n 11
db2start,|n 13
db2stop,|n 13
EEJB C'VN,WebSphere Application Server 35, 63
enrole
1!C'j6,}]b 49, 79
C'
Z:/FczO4( 14
Z IBM DB2 ~qwO4( 13
w} 137
HHTTP ~qw
dCb?%* 113
HTTP a0VCT,kT:/ 84
IIBM DB2
|n
catalog 14
db2 connect 12
db2 create 12
db2 create bufferpool 12
db2 force application all 13
db2 update 12
db2cmd 12
db2set 11
db2start 13
db2stop 13
usejdbc2 15
Zf;;ms,9C applheapsz 15
dC 11
~qw 12
:eX 12
Z~qwO4(C' 13
Z:/FczO4(C' 14
applheapsz 15
JDBC }/Lr 14
TCP/IP (E 11
9C WebSphere Application Server 95
IBM DB2 D5 vi
IBM Directory Server
dC
}Cj{T 22
k WebSphere – Express DKZe; 25
V4.1 22
D5 vi
IBM HTTP Server
20 101
20?<,VN 35
20 Tivoli Identity Manager 0xPlb 29
X8m~ 96
}6 121
D5 vi
T/20,%;~qw 29
HTTP a0VCT 84
Identity Manager DN ;C,?<~qwVN 33, 61
IP X7,}]bVN 32, 60
itimadmin
C' 35, 110
C'j6,WebSphere Application Server 63
EJB C' 107, 108, 109
JJ2EE 2+T
{C 112
dC
%Zc 107
`Zc 110, 111
V/=h 54, 83
JDBC
,S},}]bXDns]? 32, 61
w* IBM DB2 }]bM'zD}/Lr 14
JDK,f WebSphere Application Server ;pV" 97
JMS ~qw
WebSphere 6k={"+]'V 9
Llibdelref
I&{" 24
}Cj{T 22
MMicrosoft SQL Server
9C WebSphere Application Server 95
mqver 5CLr,WebSphere MQ 99
OOracle
20
AIX 16
Solaris 17
Windows 18
dC 19
9C WebSphere Application Server 95
Oracle D5 vi
Rroot
(^ 57
C' 57
runConfig,CZ53dC 54, 83
SSOAP ,SwKZ 26
SQL Server 2000
20 20
dC 20
SQL Server 2000 D5 vi
Sun ONE Directory Server
dC 26
9C IBM Directory Server 96
138 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
Sun ONE Directory Server (x)
9C WebSphere Application Server 96
D5 vi
TTCP/IP dC,IBM DB2 11
timdelref.conf 23
Tivoli Identity Manager
dC
9C WebSphere Application Server D^F 9
02+T1!n( 52, 81
0#f1!n( 46, 76
0?<1!n( 47, 77
0U>G<1!n( 49, 79
0}]b1!n( 48, 78
0J~1!n( 50, 80
UI !n( 51, 81
uo
$ww(WF) 6
C'gf(UI) 6
6X 125
#f WebSphere PDdCE" 125
=h 126
?<~qw#= 125
d|z7 125
}]bm 125
VN
\k 36, 63
C'j6 36, 63
Tivoli Identity Manager ~qw
20
%;~qw 29
wL<,%;~qw 36
wL<,:/ 63
:/ 57
T/D 29
bT(E 55, 84
CA $i 56, 86
UUI !n( 51, 81
usejdbc2,|n 15
Wwasadmin
53C' 107, 109
C' 110
C'j6,WebSphere Application Server 35
wasadmin C'j6,WebSphere Application Server 62
Web zm~qw
D5 vi
web /@w,vZ Windows O\'V 97
WebSphere 6k={"+]'V
20?<,VN 35
20 Tivoli Identity Manager 0xPlb 29
M WebSphere MQ 9
D5 vi
$HfZD WebSphere MQ 99
T/20,%;~qw 29
w*xL 9
WebSphere Application Server
20 Tivoli Identity Manager 0xPlb 29
X8m~
\'VD JDK 97
S\ 35, 62
dC
%;~qw 4
%;:/ 6
&\:/ 7
9C Tivoli Identity Manager D^F 9
k WebSphere – Express DKZe; 25
+V2+T
hC 34, 41, 62, 71
53C'VN 35, 62
EJB C'VN 35, 63
itimadmin 109
wasadmin 109
uo
%* 3
Zc 3
ZczmLr 3
:/ 3
:/I1 4
xg?p\mw 3
&CLr~qw 3
jmsserver 9
WebSphere 6k={"+]'V 9
WebSphere Web ~qwe~ 4
VN
20?< 34, 62
KZ 34
~qw{F 34
$w>Dwz{ 34
\m1\k 34
\m1C'j6 34
Zc{ 34
:/{F 62
U>G<6p 35, 62, 63
J~~qw{F 35, 62, 63
IBM DB2 D\'V6p 95
IBM Directory Server D\'V6p 96
Microsoft SQL Server D\'V6p 95
Oracle D\'V6p 95
Sun ONE Directory Server D\'V6p 96
WebSphere Application Server xg?p
20 100
X8m~ 96
WebSphere Application Server D5 vi
w} 139
WebSphere Application Server Base
20 102
X8m~ 96
V/20,:/ 103
T/20,%;~qw 29
WebSphere MQ
XhD&\?~ 99
M WebSphere 6k={"+]'V 9
h* CSD |B 99
mqvr 5CLr 99
Windows 2000 Advanced Server 'VD 95
{ITIM_HOME} 109
{ITIM_HOME}/cert ?<,kT CA $i 56, 86
{WAS_HOME} 108
140 IBM Tivoli Identity Manager: ~qw208O(kT9C WebSphere D Windows 2000)
���
LrE: 5724–C34
Pz!"
S152-0642-00