G
bΩTΣΣúºeA²\¬ 131 ² H, yNzñΩTC
T]2004 2 δ
úDbsqñtíAhqA≤ Tivoli Identity Manager 4.5.1 Hß≥MqC
N SC40-1841-01
© Copyright International Business Machines Corporation 2004. All rights reserved.
²
eÑ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiA∩H . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Tivoli Identity Manager íw . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiúy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii÷y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ixuWsy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
≤Uuπ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xpnΘΣñ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xrΘD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x@ttº . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x4.5.1 íwñqC . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiHOME ²wq. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1nwΘD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 4.5.1 wM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Tivoli Identity Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . 1bsqúWw Tivoli Identity Manager 4.5.1 . . . . . . . . . . . . . . . . . . . . . . 1
2 tmº[ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3WebSphere Application Server MWⁿ . . . . . . . . . . . . . . . . . . . . . . . . . . 3µ@°Atm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Tivoli Identity Manager Otm . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Tivoli Identity Manager °Ah . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6µ@Otm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6\αOtm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Java TºAMΣL°A . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Tivoli Identity Manager WebSphere ⌠¡ε . . . . . . . . . . . . . . . . . . . . . 9
3 Ωwtm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11IBM DB2 tm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11TwqTMtm°A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11tm IBM DB2 JDBC Xí. . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 JDBC ¼ 2 Xítm IBM DB2 7.1 M 7.2 . . . . . . . . . . . . . . . . . . . 15dGXR DB2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Tivoli Identity Manager Oracle wMtm . . . . . . . . . . . . . . . . . . . . . . . . 16b AIX w Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16b Solaris w Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18b HP-UX w Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19b Windows w Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20bwºßtm Oracle. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
SQL Server 2000 tm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22w SQL Server 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22bwºßtm SQL Server 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
4 ²°Atm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23IBM Directory Server tm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23ⁿw Tivoli Identity Manager r . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Tivoli Identity Manager tmπí . . . . . . . . . . . . . . . . . . . . . 24
© Copyright IBM Corp. 2004 iii
||||||
||
½s²°A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 LDAP r½≤ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Bz Windows W IBM Directory Server 5.2 ⌡µⁿ¡ε . . . . . . . . . . . . . . . . . . 28
bP@íqúW 5.1 M WebSphere Application Server . . . . . . . . . . . . . . . . . . . 28Sun ONE Directory Server tm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
5 µ@°AwGTivoli Identity Manager °A . . . . . . . . . . . . . . 31lºe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31M≡D . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33µ@°AwΩTu@ϕ . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34ΩwΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34²°AΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35WebSphere Application Server µ@°AwΩT . . . . . . . . . . . . . . . . . . . 36WebSphere Embedded Messaging °AMß . . . . . . . . . . . . . . . . . . . . . . 37IBM HTTP Server ΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Tivoli Identity Manager ΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
w Tivoli Identity Manager °A . . . . . . . . . . . . . . . . . . . . . . . . . . . 38²luw∩vMuvv°í . . . . . . . . . . . . . . . . . . . . . . . . . . 40∩w¼Mw² . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41∩Ωw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41¿µ@°Aw°í . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41ⁿw WebSphere sw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43ⁿw[K≈B\¬emwKn . . . . . . . . . . . . . . . . . . . . . . . . . . 45wiMΣLtmí . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46µ@°AwΘxM² . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53¿wtm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53bw Tivoli Identity Manager ºß runConfig . . . . . . . . . . . . . . . . . . . . . 53∩wyÑM≤ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Tivoli Identity Manager °AqT . . . . . . . . . . . . . . . . . . . . . . . . . . 54°A-NzíqT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
6 OwGTivoli Identity Manager °A . . . . . . . . . . . . . . . . . 57lºe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57M≡D . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Network Deployment Manager O . . . . . . . . . . . . . . . . . . . . . . 59
OwΩTu@ϕ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60ΩwΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60²°AΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61WebSphere Application ServerOwΩT . . . . . . . . . . . . . . . . . . . . . . 62Tivoli Identity Manager ΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
w Tivoli Identity Manager °A . . . . . . . . . . . . . . . . . . . . . . . . . . . 63²luw∩vMuvv°í . . . . . . . . . . . . . . . . . . . . . . . . . . 65∩w¼Mw]w² . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66∩Ωw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67¿Ow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67ⁿw WebSphere sw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70ⁿw[K≈B\¬emwKn . . . . . . . . . . . . . . . . . . . . . . . . . . 72wiMΣLtmí . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73OwΘxM² . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80¿wtm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80bw Tivoli Identity Manager ºß runConfig . . . . . . . . . . . . . . . . . . . . . 80∩wyÑM≤ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80∩wq HTTP Ñq@≥ . . . . . . . . . . . . . . . . . . . . . . . . . . 81τµ÷A]w . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
≤s Web °Aí . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81O . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
iv IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
||
Tivoli Identity Manager °AqT . . . . . . . . . . . . . . . . . . . . . . . . . . 82°A-NzíqT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83sWúO¿ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84HsqúXRO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84HP@íqúXRO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84úO¿ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
² A. HMM≤úwM . . . . . . . . . . . . . . . . . . . . . 87 WebSphere í PQ77521 úb CD 4.5.1 wMW . . . . . . . . . . . . 87o 4.5.1 M≤ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 874.5.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88yÑM≤ CD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Tivoli Identity Manager ≥íX Solaris CD] WebSphere Application Server . . . . . . . . . 88Tivoli Identity Manager ≥íX Solaris CD]D IBM í°A . . . . . . . . . . . . . 88R Solaris CD 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88R Solaris CD 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89R Solaris CD 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89R Solaris CD 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89Tivoli Identity Manager ≥íX AIX CD] WebSphere Application Server . . . . . . . . . . 89Tivoli Identity Manager ≥íX AIX CD]D IBM í°A . . . . . . . . . . . . . . 90R AIX CD 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90R AIX CD 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91R AIX CD 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91Tivoli Identity Manager ≥íX HP-UX CD]D IBM í°A . . . . . . . . . . . . . 91Tivoli Identity Manager ≥íX Windows 2000 CD] WebSphere Application Server . . . . . . . 91Tivoli Identity Manager ≥íX Windows 2000 CD]D IBM í°A . . . . . . . . . . 92R Windows 2000 CD 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92R Windows 2000 CD 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92R Windows 2000 CD 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93R Windows 2000 CD 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
² B. WebSphere ⌠ . . . . . . . . . . . . . . . . . . . . . . . . . 95w WebSphere Application Server . . . . . . . . . . . . . . . . . . . . . . . . . . 95 WebSphere MQ 5.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . 95τ≡ 9090 i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
tm Tivoli Identity Manager O . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95w WebSphere Application Server Network Deployment . . . . . . . . . . . . . . . . . . . 96w IBM HTTP Server M WebSphere Web °Aí . . . . . . . . . . . . . . . . . . 97ú WebSphere Web °Aítm . . . . . . . . . . . . . . . . . . . . . . . 98N Base wbC@IW . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98NI[J Cell ϕñ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99O . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99TO Network Deployment Manager MINzíb⌡µñ . . . . . . . . . . . . . . . . . . 99
tm WebSphere Application Server µ÷A]w . . . . . . . . . . . . . . . . . . . . . . 100
² C. wq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103J2EE w . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103tmµIípw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103tmhIípw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 J2EE w . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
tm HTTP °AΣLΦk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
² D. q Tivoli Identity Manager 4.3 Tivoli Identity Manager 4.5 ß
4.5.1 C . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111lºe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111q WebLogic Tivoli Identity Manager 4.3 WebLogic Tivoli Identity Manager 4.5 . . . . 112
² v
||
WebSphere Application Server w Tivoli Identity Manager 4.5 . . . . . . . . . . . . . . . 113tmsw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114q 4.5 4.5.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
² E. q Tivoli Identity Manager 4.4.x Tivoli Identity Manager 4.5 ß
4.5.1 C . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115lºe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115Nµ@°Atm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117N Tivoli Identity Manager 4.4.x 4.5 . . . . . . . . . . . . . . . . . . . . . 117
NOtm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118N Network Deployment Manager t Tivoli Identity Manager 4.4.x 4.5 . . . . . . . . . 119N¿t Tivoli Identity Manager 4.4.x 4.5 . . . . . . . . . . . . . . . . . . 120q 4.5 4.5.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
² F. q Tivoli Identity Manager 4.5 4.5.1 . . . . . . . . . . . . . 123lºe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123Nµ@°Atm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124NOtm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125N Network Deployment Manager System Tivoli Identity Manager 4.5 4.5.1 . . . . . . . . 125N¿tñ Tivoli Identity Manager 4.5 4.5.1 . . . . . . . . . . . . . . . . . 126
² G. úw Tivoli Identity Manager . . . . . . . . . . . . . . . . . . . . 127lºe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127úw Tivoli Identity Manager BJ . . . . . . . . . . . . . . . . . . . . . . . . . 128WebSphere ⌠ ORACLE_JDBC_DRIVER_PATH . . . . . . . . . . . . . . . . . . . . . 129
² H. N . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Wⁿ. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
vi IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
||
||
||||||||||||
||
eÑ
IBM ® Tivoli ® Identity Manager °AwΓU Windows - WebSphere® í
p≤b Windows 2000 Windows 2003 ServerWwtm Tivoli Identity Manager
°AAHqñímzΩC
A∩H
ΓUA∩HAObv⌠qútWwB@znΘtMw
zC¬πtMwzºCA¬]πUCU
zºG
v ²°A
v Ωw°A
v WebSphere® Embedded Messaging Σ
v WebSphere Application Server WebLogic
v IBM HTTP Server
X
\¬ Tivoli Identity Manager wByM÷yíAPy±
C∩wznyºßA\uWsyⁿC
Tivoli Identity Manager íw
Tivoli Identity Manager Nσ≤wñXs¿UCG
v ΩT
v uWU
v °Aw
v zPtm
v NW
v Nzw
ΩTG
v IBM Tivoli Identity Manager N
ú Tivoli Identity Manager nwΘDAHΣLíBíMΣLΣ
ΩTC
v Tivoli Identity Manager ²\¬d
uWUG
v Tivoli Identity Manager uWU
w∩ Tivoli Identity Manager z@AúπXíuWíDDC
°AwG
© Copyright IBM Corp. 2004 vii
|
|
|
v IBM Tivoli Identity Manager °AwΓU UNIX M Linux - WebSphere
ú Tivoli Identity Manager wΩTC
v IBM Tivoli Identity Manager °AwΓU Windows - WebSphere
ú Tivoli Identity Manager wΩTC
v IBM Tivoli Identity Manager °AwΓU UNIX - WebLogic
ú Tivoli Identity Manager wΩTC
v IBM Tivoli Identity Manager °AwΓU Windows 2000 - WebLogic
ú Tivoli Identity Manager wΩTC
zPtmG
v IBM Tivoli Identity Manager Policy and Organization Administration Guide
ú Tivoli Identity Manager z@DDC
v IBM Tivoli Identity Manager @δΓU
ú Tivoli Identity Manager ΩTC
v IBM Tivoli Identity Manager tmΓU
úµ@°AMO Tivoli Identity Manager tmtmΩTC
NWG
v IBM Tivoli Identity Manager Problem Determination Guide
ú Tivoli Identity Manager úΣLMDΩTC
NzwG
v Tivoli Identity Manager Nσ≤w]]A Tivoli Identity Manager Ω@ºuNzv
≤Sw¡xwσ≤oiC
úy
pGnΩTAF Tivoli Identity Manager úCziHqU
CmoyG
v WebSphere Application Server
http://www.ibm.com/software/webservers/appserv/support.html
: Uo≈u⌡!MµANíwMtm WebSphere Application ServerA
BúBwO@C÷Mo≈MµbIΩOsA²biα
wgLFCp ßNϕAΩΩTMµC
– IBM WebSphere Application Server V5.0 System Management and ConfigurationA
IBM ⌡!
– IBM WebSphere Application Server V5.0 SecurityAIBM ⌡!
v Ωw°A
– IBM DB2
viii IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
http://www.ibm.com/software/data/db2/udb/support.html
http://www.ibm.com/software/data/db2
– Oracle
http://otn.oracle.com/tech/index.html
– Microsoft SQL Server 2000 (SP3)
http://msdn.microsoft.com/library/
v ²°Aí
– IBM Directory Server
http://www.ibm.com/software/network/directory
– Sun ONE Directory Server
http://wwws.sun.com/software/products/directory_srvr/5.1/index.html
v WebSphere Embedded Messaging Σ] IBM MQSeries
http://www.ibm.com/software/ts/mqseries
v Web Proxy °A
– IBM HTTP Server
http://www.ibm.com/software/webservers/httpservers/library.html
÷y
UCXñúP Tivoli Identity Manager Server ÷ΩTG
v Tivoli Software Library úFU Tivoli yApA#!BΩu@ϕBdB
⌡!MqHτCziHbUz⌠Σ Tivoli Software LibraryG
http://www.ibm.com/software/tivoli/library/
v Tivoli Software Glossary t\h Tivoli nΘ÷NywqC≤UC⌠ Tivoli
Software Library ⌠¬Σ Glossary ú σ Tivoli Software GlossaryG
http://www.ibm.com/software/tivoli/library/
uWsy
≤UC⌠ Tivoli nΘwñuWúúXAΣµíuiΓíσ≤µí
(Portable Document Format, PDF)vuWσrOyÑ (Hypertext Markup Language,
HTML)vΓG
http://www.ibm.com/software/tivoli/library
pGnbwñMΣúyAbuwv¬ΓΣ÷@UúΓUCMß
buTivoli nΘΩTñvWMΣB÷@U úWC
úy]ANBwΓUBΓUBzΓUHoΓ
UC
eÑ ix
: FTOα CL PDF yAb Adobe Acrobat uCLv°íñA∩
Xjp∩]zun÷@U → CLANα≈o∩C
≤Uuπ
úσ≤tUCSAiHUz≤UuπG
v σ≤ HTML M PDF ΓµíAi²h≈Me¬C
v σ≤ñvúNσrAi²°FveC
pnΘΣñ
bV IBM Tivoli nΘΣñDºeA÷@U Tivoli ΣAñ]⌠
pU\ IBM Tivoli nΘΣñ⌠G
http://www.ibm.com/software/support/
pGznΣLUAQ IBM Software Support Guide]⌠pUñyz
ΦkApnΘΣñC
http://techsupport.services.ibm.com/guides/handbook.html
ΓUNúUCΩTG
v ⁿΣn²MΩµnD
v qX] zbΩaw
v bp ßΣñºeA¼ΩTMµ
D
ΓUNw∩SϕⁿJM@AH@twⁿOM⌠AhD
C
rΘD
UOΓUrΘDG
Θ gΣσrB÷ΣrBB∩BJava ¼WH½≤ñ°Hpgⁿ
OjpgVXⁿOAHΘC
Θ BXDSϕrⁿyHΘ[HjC
ÑerΘ
gΣσrBtTºBΣJσrAHⁿO∩ñ°
HíXdB@δⁿOBeΘXBM²WAíHÑe
C
@ttº
UNIX Dⁿw⌠AHϕ²Cb Windows ⁿOµA
%variable% N $variableA⌠ABN²⌠ñC°u (/)A
Hu (\) NCYzO Windows tñ bash ShellAziH UNIX D
C
x IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
4.5.1 íwñqC
Tivoli Identity Manager 4.5.1 Nσ≤wQqCrⁿX∩²eb 4.5 σ≤
wñXΩTwiµN≤aΦCqCOH≤¬ΣΣZñ½u (
| ) ϕC
HOME ²wq
Uϕ]tσ≤ñw]wqAHNϕUúw⌠ HOME ²hCzi
Hw∩zSwΩ@Φíqw²M HOME ²CpGOoípAhz∩
ϕñeC@wqiµAϕ½C
⌠ w]wq
ITIM_HOME Windows:
c:\itim45\
UNIX:
/itim45/
WAS_HOME Windows:
C:\Program Files\WebSphere\AppServer\
UNIX:
/opt/WebSphere/AppServer/
WAS_NDM_HOME Windows:
C:\Program Files\WebSphere\DeploymentManager\
UNIX:
/opt/WebSphere/DeploymentManager/
eÑ xi
1
ΓUNíp≤bµ@°AOtmϕñwBltmHτ Tivoli Identity
Manager °ACziHtXt@tM Web í∩wσ≤CP
]iH\ Tivoli Identity Manager °AwΓU UNIX - WebSphereC
wMl Tivoli Identity Manager °ADnBJAn°ªµ@°Atm
wOOtmwAHOw²sb WebSphere Application Server wC
UOBJº[G
1. 3 2 , ytmº[zíAPtm Oµ@°AtmA
On≤uO\αOMΦtmC
2. 11 3 , yΩwtmzíAwMtmΩwC
3. 23 4 , y²°AtmzíAwMtm²°AC
4. pGOµ@°AtmA 31 5 , yµ@°AwGTivoli Identity
Manager °Azíw Tivoli Identity Manager °AC
5. pGOOtmA⌡µUC@G
v 95² B, y WebSphere ⌠zíAwMtm
WebSphere Application Server ΣC
v 57 6 , yOwGTivoli Identity Manager °AzíA
OMw Tivoli Identity Manager °AC
: zHΓΦíAOtmwnM≤C
nwΘD
pGnnwΘDMµA\ IBM Tivoli Identity Manager NC
4.5.1 wM
T i v o l i I d e n t i t y M a n a g e r °A 4 . 5 . 1 Nú]C Ds¡x
]LinuxBHP-UXBWindows 2003CBAúM≤wΣ Tivoli Identity
Manager 4.5.0 ¡x]AIXBSolaris Windows 2000CpGnΣLΩTA
\ 87² A, yHMM≤úwMzC
Tivoli Identity Manager Tivoli Identity Manager 4.5.1 M≤wí Tivoli Identity
Manager 4.5.0 C
BJN] Tivoli Identity Manager úPCp÷ΩTA\ñ
í Tivoli Identity Manager ²C
bsqúWw Tivoli Identity Manager 4.5.1
bS Tivoli Identity Manager ΩsqúWw Tivoli Identity Manager B
JpUG
© Copyright IBM Corp. 2004 1
|
|
|
|
|
|
|
|
|
|
|
|
|
v Ys¡xAs CD ú Tivoli Identity Manager 4.5.1 wíBnñ
nΘBM≤AHC
v Y 4.5.0 Σ¡xAM≤ú Tivoli Identity Manager 4.5.1 C
4.5.0 CD Honñ nΘBM≤AHC
2 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
2 tmº[
WebSphere Application Server ⌠ñ Tivoli Identity Manager °AAQµ
@°AtmOtmCNw∩tm∩Aúu¬ÑíABúΩ
@º[C≤Ω@ΩTAhdß≥ AúC
:
1. tmdAnDzbwMtmúBJºeA²⌡µ@W
íCpGnΣLσ≤AítXzDWAp ßN
ϕC
2. ΣL÷ WebSphere Application Server úΩTA\ viiiyú
yzΣLσ≤C
3. jí Tivoli Identity Manager ñínΘAúnM≤CpGnΣL
ΩTA\ IBM Tivoli Identity Manager NC
WebSphere Application Server MWⁿ
UCⁿJNí WebSphere Application Server tmñG
Cell ípzízzΓCCell OΓ WebSphere Application Server
í⌠ñ@δzíIAHΦΦí[HC@ Cell iH@
hOC
I IOΓΩΘqúW@hí°AAHΦΦí[HCCell ñ
IWOMCIWqPqúD≈W@C½yíAI
qO∩πúP IP ΩΘqútC
í°A
í°AO WebSphere Dn≤C°A⌡µ Java Ω≈A
ííXú⌡µ⌠Cí°AúxsAM
Sw Java í≤⌡µC
Network Deployment Managerozw∩ WebSphere Application Server í Cell ñ
]]AOzbAúñz°MεCNetwork Deployment
Manager tdzC@IWxsweAªOzLP Cell C@IW
INzí¼qTzC
INzí
INzítdbI WebSphere Application Server WAzⁿz
AΦkOP Network Deployment Manager qT≤tmABNªPB
BzCINzíONϕ Network Deployment Manager ⌡µz@CI
NzíNϕz Cell ñICINzíH WebSphere Application
Server Base @wA²úDzNI[J Network Deployment ⌠ñ
CellAhú@wno≥C
O OON@h\αPí°AAHΦΦí[HAi
© Copyright IBM Corp. 2004 3
HΦKzípBtmB¡u@qHßCOO°AXAo
°AQϕ@@tXOB@AHTOßoH½níMΩ
C
OúiπCΣLΩTA\ ßΣñúAí
WebSphere Application Server í⌠ñ½M⌠¡O@ΣLσ≤C
O¿
Oϕñ@ WebSphere Application Server ΩC
WebSphere Web Server í
WebSphere Web Server íOwb HTTP °A@≤Atd
ⁿeJnDANªΘOϕñAϕ Web xsCíµA
O) plugin-cfg.xml Cíi² Web °ANAenD
]p ServletAeí°AC
µ@°Atm
µ@°AtmiN WebSphere Application Server Base MΣLníAw
bΩΘqúWCTivoli Identity Manager °Aú Mu@yBzC
@íqúWtmAπUCG
v ΩwAxsµ÷ΩT
v ²°A
v WebSphere Application Server Base
v Tivoli Identity Manager °A
1. @íΩΘqúWµ@°Atm
4 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
v HTTP °AAp IBM HTTP Server M WebSphere Web Server íCpG
n WebSphere Web Server í≥wqA\ 3yWebSphere
Application Server MWⁿzCΣL÷tm WebSphere Web Server í
ΩTA\ 109ytm HTTP °AΣLΦkzC
ziH∩N WebSphere Application Server Base M Tivoli Identity Manager °
AΩAwb@íΩΘqúWANΣLníAíwbΣ
L@híqúWC
: pGzΓ IBM Directory Server 5.1 Awbww WebSphere Application Server
P@íqúWA\ 28ybP@íqúW 5.1 M WebSphere
Application ServerzAoΣLnΓtmBJC
pGqúw Tivoli Identity Manager °AAhπUCG
v WebSphere Application Server Base
v JDBC Xí]Ωwß
ΣLqúhπG
v ΩwAxsµ÷ΩT
v ²°A
v HTTP °AAp IBM HTTP Server M WebSphere Web Server í
pGnΣLΩTA\ 31 5 , yµ@°AwGTivoli Identity
Manager °AzC
Tivoli Identity Manager Otm
Tivoli Identity Manager OtmⁿwUC@G
v 6yµ@Otmz
v 8y\αOtmz
2. híΩΘqúWµ@°Atm
2 tmº[ 5
: bO⌠]@δ\αOñAO¿w²WúOPCⁿwP²AKyßbúPO¿qúWoO HR
í⌡µDCpAbO¿qúWⁿw \itim45 ²C
ADSML ¡≈ΘJMebC@IP@²ñC
ΣL÷tmOΩTA\ 59y Network Deployment Manager
OzCpM≤ⁿwA\ IBM Tivoli Identity Manager
NC
:
1. bUCϕñAC@Φ⌠¼úNϕ@íΩΘqúW@ WebSphere IC
zb@íqúWu@IC
2. pGzΓ IBM Directory Server 5.1 Awbww WebSphere Application Server
P@íqúWA\ 28 ybP@íqúW 5.1 M WebSphere
Application ServerzAoΣLnΓBJC
Tivoli Identity Manager °Ah
hO) Tivoli Identity Manager °AúAO\αlApABz
í\αAOBzu@yí\αCTivoli Identity Manager °AiHw
hh°AA²ztmC@hú\αAN\αOtm[HjC
Tivoli Identity Manager °AiúUCXhG
(UI)ú Bz\αAΣñ]A∩MϕµAi²U Tivoli
Identity Manager °Aú\αCΣL÷ ΩTA\
IBM Tivoli Identity Manager Policy and Organization Administration GuideC
u@y (WF)úu@yBz\αC
u@yOⁿ)πnDBnDenDHK¿C÷u
@yBzΩTA\ IBM Tivoli Identity Manager Policy and Organization
Administration GuideC
w∩]AUCUG
v µ@°A
v µ@O\αOGbµ@Ow[cñAoΓhúwbO¿C@
í°AWCC@O¿úϕ≤@ Tivoli Identity Manager µ@°
AC
b\αOϕñA (UI) hOwb@OWAu@y (WF) hh
Owbt@OWCXoΓO\αAiHúπ Tivoli Identity
Manager \αC
µ@Otm
µ@Otmⁿw@ WebSphere í°ACTivoli Identity Manager
hMu@yhAúOb OC@IP@ WebSphere Application Server W
6 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
⌡µC tmb@íqúWⁿw Network Deployment ManagerCΣLíhb
ΣLqúWtmC
UNíotmG
v bww Network Deployment Manager qúWAwUCUG
– WebSphere Network Deployment Manager
– JDBC Xí]Ωwß
v bC@O¿WAwUCG
– WebSphere Application Server
– Tivoli Identity Manager °A. wbotmW Tivoli Identity Manager °
AAú Mu@yoΓhXC
– JDBC Xí]Ωwß
v bΣL@híúbOϕñqúWAwUCG
– ΩwAxsµ÷ΩT
– ²°A
– HTTP °AAp IBM HTTP Server M WebSphere Web Server íC
ΣL÷o°AΩTA\ IBM HTTP Server úσ≤CpG
n WebSphere Web Server í≥wqA\ 3yWebSphere
Application Server MWⁿzCΣL÷tm WebSphere Web Server í
ΩTA\ 109ytm HTTP °AΣLΦkzC
3. híΩΘqúWµ@Otm
2 tmº[ 7
\αOtm
\αOtmAON Network Deployment Manager m≤@íqúWCΣL
íAhOtmbΣLqúWúPOCTivoli Identity Manager °A UI hOtm
b@OIWA WF hhOtmbt@OIWC
UNíotmG
v bww Network Deployment Manager qúWAwUCUG
– WebSphere Network Deployment Manager
– JDBC Xí]Ωwß
v bC@OU¿WAwUCG
– WebSphere Application Server
– Tivoli Identity Manager °A
b OϕñATivoli Identity Manager °AΩuú
BzCbu@yOϕñATivoli Identity Manager °AΩ]uú
u@yBzC
– JDBC Xí]Ωwß
v bΣL@híúbOϕñqúWAwUCG
– ΩwAxsµ÷ΩT
– ²°A
– IBM HTTP Server M WebSphere Web Server í
4. \αOtm
8 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
Java TºAMΣL°A
ΣL°AOb WebSphere Application Server ⌠U⌡µApAú
WebSphere Embedded Messaging Σ Java TºA] jmsserver AS
JMS °AC
: n² Tivoli Identity Manager PΣLíµ½ΩTAΓΩϕ@Tº[H¼eA
Q WebSphere Embedded Messaging Σ&µCΣLΩTA\í
WebSphere Embedded Messaging Σ WebSphere MQ WebSphere Application
Server σ≤C
Tivoli Identity Manager WebSphere ⌠¡ε
pGnb WebSphere ⌠U Tivoli Identity ManagerA[εUC¡εG
v Tivoli Identity Manager ]O@tOPΦCFKowqTM
tmDAzúnb@ Tivoli Identity Manager OϕñA@HW
@t¼C
v b\αOϕñAúnΓ OMu@yOO¿A±bP@í
qúWC
v pGP@íqúWh WebSphere Application Server ΩAuΣñ@Ω
°AiH¿ Tivoli Identity Manager O¿C
v WebSphere Application Server e\zbP@íqúWAw Network Deployment
Manager MO¿CTwoíqúπnOΘBtMiíAHtX
Bu@qC
2 tmº[ 9
3 Ωwtm
Níp≤tmΩwA²ªft Tivoli Identity Manager °ACpGzQ
DΣΩwAHπíA\ IBM Tivoli Identity
M a n a g e r NCΣL÷ I B M D B 2 ΩTA\
http://www.ibm.com/software/data/db2/udb/support.htmlC
:
1. í IBM DB2 ]wAOn⌡µπl]wC
2. OΓ¼ 2 uJava Ωwsu\αvXíA@ IBM DB2 ⌡µ
ßCßNH JDBC XíANϕoXíC
3. ΩTDΩwú¡ú≤sxBíσ≤NΩTC∩≤z
wΩTAp≤h÷ΩTA\ viiyeÑzñX
HúúΣLXC
NíUCUG
v yIBM DB2 tmz
v 16yTivoli Identity Manager Oracle wMtmz
v 22ySQL Server 2000 tmz
IBM DB2 tm
zH Administrator ¡nJ IBM DB2 °AA&α¿UCBJG
v yTwqTMtm°Az
v 14ytm IBM DB2 JDBC Xíz
TwqTMtm°A
n IBM DB2 °AA⌡µUC@G
v yTw TCP/IP qTz
v 12ytm IBM DB2 °Az
Tw TCP/IP qT
blºeA²T IBM DB2 °AW TCP/IP qTC⌡µUC@G
: oBJ]tmOhíqúAΣñ@íπ IBM DB2 °ACpGΩw
P IBM DB2 °A≤P@íqúANútm TCP/IP qTC
1. IBM DB2 ⁿO°íAΦk÷@Ul -> ⌡µAMßΘJ db2cmdC
2. b DB2 ⁿO°í⌡µUzⁿOG
db2set -all DB2COMM
3. pG tcpip ]ϕ TCP/IP qTúb db2set -all DB2COMM ⁿO
MµñA⌡µUzⁿOAΣñ]A tcpipAHⁿOúMµ ΣL
C
db2set DB2COMM=tcpip,<values_from_db2set_command>
© Copyright IBM Corp. 2004 11
pAYO db2set -all DB2COMM ⁿObMµñ O npipe M ipxspx
AhbG⌡µ db2set ⁿOAAⁿwoG
db2set DB2COMM=tcpip,npipe,ipxspx
tm IBM DB2 °A
pGntm°AA⌡µUC@G
1. Hⁿ itimdb WA Tivoli Identity Manager ΩwAB@W
s enrolebp w"C
: ΩwWiHOzⁿw⌠≤WC²w"W@wO enrolebpC
a. IBM DB2 ⁿO°íAΦk÷@Ul -> ⌡µAMßΘJ db2cmdC
b. bⁿO°íñA⌡µoⁿOΩwG
db2 create db itimdb using codeset UTF-8 territory USdb2 update db cfg for itimdb using applheapsz heapvaluedb2 update db cfg for itimdb using app_ctl_heap_sz 512
Σñ heapvalue O@H KB µπANNϕ 4K 1024C
: NΣLíOΘDCJAΓ applheapsz ]π Ωw
qúñAjOΩOΘ@bC
c. tmΩAWAHKbs JDBC XíC±ΦíAΘJUo
@µG
db2 update dbm cfg using svcename <service_name>
Σñ <service_name> O@O DB2_db2inst1 C
d. NAϕAW[JUoñG
v UNIX: /etc/services
v WindowsG%SYSTEMROOT%\system32\drivers\etc\services
±ΦíAΘJUo@µG
db2 get dbm cfg
oPUⁿG
v DB2_db2inst1: 50000/tcp
v DB2_db2inst1i: 50001/tcp
zΘJ∩≤AW≡C
e. ΘJUzⁿOATsuCpGQsuAN ΩwsuΩTG
db2 connect to itimdb
f. w"G
db2 create bufferpool enrolebp size -1 pagesize 32k
2. ]w DB2_RR_TO_RS=YESAui½¬vC⌡µUC@G
a. ΘJUo@µG
db2set -all
b. d AT DB2_RR_TO_RS=YESC
c. pGΣúoAΘJUo@µAN ] YESG
12 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
db2set DB2_RR_TO_RS=YES
d. ½sΘJUo@µA ]wOsbG
db2set -all
3. ½s IBM DB2C
db2stop#]GpGΘJ db2stop óA⌡µ "db2 force application all"db2start
b IBM DB2 °A@Ws enrole
b IBM DB2 °AA@Ws enrole C⌡µUC@G
v pGOb AIXAH root ¡⌡µUC@G
1. smit smittyAutzvuπC
2. ∩w & -> -> sWC
3. buWvµñAΘJ enroleC
4. ÷ Enter ΣAAMß uveC
5. ∩≤KXC
6. bWúUAΘJzwqAp enroleCbzwgⁿwF ID enrole M enrole KXC
7. pGnbúU≤KXAΘJzºeΩwwqKXC
8. ⌠utzvuπC
9. sCTelnet ⌡µ IBM DB2 °AqúCTwziHs
ID nJAúo½]KXíC
v pGOb SolarisAH root ¡⌡µUC@G
1. zuπC
2. b@Cñ÷@Us² -> C
3. ÷@UsΦ -> sWC
4. busWv∩uWvµñAΘJ enroleCMßbu∩KXv\αϕñA∩KXC
5. bu]wKXv∩ñAΘJKXB[HτCMß÷@UTwC
6. Nul²vµñ⌠A] /export/home/enrole ⌠CMß÷@
UTwC
7. b@Cñ÷@U -> ⌠⌠C
8. sCTelnet ⌡µ IBM DB2 °AqúCTwziHs
ID nJAúo½]KXíC
v pGOb Windows 2000AH Administrator ¡⌡µUC@G
1. suqúzvuπAΦk÷@Ul -> ]w -> εx -> zuπ ->qúzC
2. ÷@UMs -> C
: enrole ú[J⌠≤sñC
3. ∩@ -> sC
4. buWvµñAΘJ enroleC
5. buKXvµñAΘJΩwKXC
3 Ωwtm 13
6. MúUnJ≤KX∩C
7. ∩KXú∩C
8. ÷@UC
bOC@íqúW@Ws enrole
ziHb≤ Tivoli Identity Manager O@íC@íqúWA@Ws enrole
CoúπSϕMvCTwUnJú≤KXA
BKX-úC
tm IBM DB2 JDBC Xí
IBM DB2 nD¼ 2 uJava Ωwsu\αvXí]JDBC XíA
@ΩwßCJDBC XíON Java ¼íAs bP@í≈
Wb≈W⌡µ IBM DB2 ΩwCb Tivoli Identity Manager Oíp
ñAJDBC Xíi² Tivoli Identity Manager °APΩqTAB
@ΩTCpGnΣLΩTA\ IBM DB2 σ≤C
:
1. IBM DB2 úw JDBC XíA IBM DB2 ⌡µßC
2. pGnTOb Intel ¡xW ±ΩwsuA TCP SocketCún
πWD@ IBM DB2 ßsuΦkCπWDΦksu¡εAi
αo Tivoli Identity Manager Ωw C
]zSΓ IBM DB2 wbqúWAhbUCqúWwMtm JDBC
XíAHnM≤CpGnΣLΩTA\ IBM Tivoli Identity
Manager NC
v w Network Deployment Manager qú
v zwnw Tivoli Identity Manager °AC@O¿
v bµ@°AwqúW]Σñ IBM DB2 O≤C
bC@qú⌡µUC@G
1. wMtm JDBC XíHnM≤C
2. ⌡µUCBJANΩws¿¼²G
a. IBM DB2 ⁿO°íC
÷@Ul -> ⌡µAMßΘJ db2cmdC
b. bßⁿO°íWAHµµ⌡µoⁿOG
db2 catalog tcpip node db2node_hostname remote db2server_hostnameserver service-name|portnumber
ΣñG
node db2node_hostname
Oⁿzns¿¼²ºIOWCªOΩwbqúD≈W
Co)wqANϕí IBM DB2 IWC
: db2node_hostname úiWLKr°C
14 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
remote db2server_hostname
Oⁿ IBM DB2 bID≈WCD≈WO TCP/IP ⌠⌠
IWCpAdb2server2hostC
server service-name|portnumber
iⁿw°AΩwzíΩAW≡CIBM DB2 ≡
w]O 5 0 0 0 0Cb I B M D B 2 °AbqúW
%SYSTEMROOT%\system32\drivers\etc\services ñMΣe≡C
ßM°AW≡@CpGⁿw≡ANúb
TCP/IP services ⁿw⌠≤AWC
c. ΘJUzⁿOANΩws¿¼²G
db2 catalog database itimdb as itimdb at node db2node_hostname
3. pGn¼²@OQ¿AΘJUo@µG
db2 connect to itimdb
JDBC ¼ 2 Xítm IBM DB2 7.1 M 7.2
: IBM DB2 M≤ 3 N IBM DB2 7.1 α 7.2 Cpe
M≤÷ΩTA\ IBM Tivoli Identity Manager NC
pGzO IBM DB2 7.1 M 7.2 AhHΓΦítm JDBC ¼ 2 X
íCb IBM DB2 °A⌡µUC@G
1. H IBM DB2 Administrator ¡nJC
2. tm² IBM DB2 JDBC ¼ 2 XíApUG
a. ε IBM DB2 AC
b. aX Windows ⁿOúAMß⌡µ
<IBM DB2 install directory>\java12\usejdbc2.bat
Σñ <IBM DB2 install directory> Qzw IBM DB2 ²NC
c. ½s IBM DB2 AC
dGXR DB2
UdO IBM DB2 ]w≤jG
db2 update database configuration for itimdb using dbheap 1200db2 update database configuration for itimdb using applheapsz 2048db2 update database configuration for itimdb using maxappls 60db2 update database configuration for itimdb using app_ctl_heap_sz 1024db2 alter bufferpool ibmdefaultbp size 14750db2 alter bufferpool enrolebp size 13240
pG applheapsz o]o*pA@.ⁿJjqANoOΘú¼
C±ΦíAΘxiαtUo»zíG
xsΘú¼ALkBz sql »zíC
pGnúBxsΘíAN IBM DB2 íΩ∩jp∩jC
3 Ωwtm 15
su - db2inst1db2 force applications alldb2stopdb2 terminatedb2 update db cfg for itimdb using applheapsz 2048db2start
: pGOb Windows WA@ db2cmd °íAΘJoⁿOC
Tivoli Identity Manager Oracle wMtm
Níb Tivoli Identity Manager [cϕñw Oracle emwM
ßmwtmBJC
úO@íAú\ Oracle wΓUAoπΩTC
: bw Oracle A[W JServer ∩@w@íCpGz∩@δOracle wAΣñNt JServerCpGz∩⌡µq Oracle wA∩
JServer @w∩C
Y Oracle 9iAϕzΩwΩA JVM (JServer)Ah Tivoli
Identity Manager ⌠≤ºúNóC
b AIX w Oracleb AIX tWw Oracle ºeA²¿UCG
1. H root ¡nJ AIX tC
2. AIX twUCG
v bos.adt.base
v bos.adt.libm
Oracle úwFíwA Oracle ⌡µCpGSoA
KóA Oracle ]Lk w⌡µCziHq AIX oHuπ
c CDAwoC
3. τzt,XWLUC²i íDG
v /usrG3 GB
v /varG300 MB
v /tmpG2 GB
AIX w] Oracle w²O /usrC
:
a. pGnPh,i íAΘJUzⁿOG
df - Ivk
ΘXOH 1024 µC
b. Yn SMIT SMITTY ≤ /usr /var ²jpAs²UC
°íGtxsΘz -> t -> sW/≤/π/Rút -> Oⁿ
t -> ≤/πOⁿtºΦ-> /usr -> tjp]H
512 ⌠µC
4. pGStAQ SMITTY -í@G
16 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
a. qDxⁿOµΘJ $ mkdir /cdromC
b. qDxⁿOµΘJ $ smitty crcdrfsC
oeXUo\αϕG
sW@t
bΘJµΘJ∩C¿zn≤ºßA÷ Enter ΣC
[ΘJµ]* mW +* ⁿI []nb½s≈ⁿH ún +
c. ∩@≈AΦkO÷ F4A∩@ ≈AMßA÷ Enter ΣC
d. A÷@ Enter ΣAtCⁿOªºßAH F10 ⌠SMITTYC
e. HUzⁿOⁿ cdrom ²G
mount /cdrom
5. ⁿI Oracle ΩwG
$ mkdir /u01$ mkdir /u02
6. ]wⁿI\ivA² Oracle bßbwgJªG
$ chmod 777 /u01$ chmod 777 /u02
7. H SMIT ΓsF@OWs dba sAt@OWs oper sC
8. H SMIT @Ws oracle sCw∩sbßA¿UCBJG
a. NbßuDnsv]wz dba sC
b. Nbßul²v] /home/oracleC
c. NnJ Shell]lí] /bin/shC
Oracle bß⌡µwíCobßuαwM@ OracleC
9. d /usr/lbin o⌠OsbAB]tb Oracle bß⌠ñC
ziHsΦ /home/oracle/.profile ]wo⌠C
10. ⌡µ≤ CD orainst ²U oratab.sh Script oratab C
$ ./oratab.sh
11. H Oracle ¡nJtG
$ su - oracle
12. ° Oracle bß umask ]wC
$ umask
umask ] 022CpGbß umask úO] 022AHUzⁿO]wªG
$ umask 022
13. sΦ .profileA[JUC⌠]wG
v Oracle 8i:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMELIBPATH=$ORACLE_HOME/lib; export LIBPATHLD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib; export LD_LIBRARY_PATHORACLE_SID=or1; export ORACLE_SIDORACLE_TERM=vt100; export ORACLE_TERM
3 Ωwtm 17
v Oracle 9i:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/9.2.0.0.0; export ORACLE_HOMELIBPATH=$ORACLE_HOME/lib; export LIBPATHLD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib; export LD_LIBRARY_PATHORACLE_SID=or1; export ORACLE_SIDORACLE_TERM=vt100; export ORACLE_TERM
Tw oracle PATH ]A $ORACLE_HOME/binB /bin M /usr/binCpG
SANª[ .profile ϕñC
14. QUzⁿOAN]wm≤mG
$ . ./.profile
UNIX Shell ¬]wA]wñl]w≤se⌠C
15. ⌡µ rootpre.shA²≈q /cdrom wG
$ ./rootpre.sh
bziHlw Oracle FC
b Solaris w Oracleb Solaris tWw Oracle ºeA²¿UCG
1. H root ¡nJ Solaris tC
2. t]A,nXWLwnDCpGnΣL
ΩTA\ Oracle 8i Installation GuideC
3. ⁿI Oracle ΩwG
$ mkdir /u01$ mkdir /u02
4. QUzⁿOAqDxzuπ-íG
# admintool
5. buzuπv°íñA÷@Us² -> sCoeuzuπGsv
°íC
6. buzuπGsv°íñA÷@UsΦ -> sWCoeuzuπG
sWsv°íC
7. ΓsF@OWs dba sAt@OWs oinstall sC
8. buzuπGsv°íñA÷@UsΦ -> Coeuzu
πGv°íC
9. Hzuπ@Ws oracle sCw∩sbßA¿UCBJG
a. NbßuDnsv]wz oinstall sC
b. Nbßunsv]wz dba sC
c. ∩ul²vµΩsCbu⌠vµñAΘJ
/export/home/oracle @ oracle l²C
d. NnJ Shell ] /bin/shC
Oracle wíHobß⌡µCobßuwM@ OracleC
10. H Oracle ¡nJtG
# su - oracle
18 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
||||||
|
° Oracle bß umask ]wC
$ umask
umask ] 022CpGbß umask úO] 022AHUzⁿO]wªG
$ umask 022
P]tX≤∩ .profileC
11. b Oracle bß /export/home/oracle/.profile [JUCXµG
v Oracle 8i:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMEORACLE_SID=or1; export ORACLE_SIDORACLE_DOC=$ORACLE_HOME/doc; export ORACLE_DOCORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data; export ORA_NLS33PATH=$ORACLE_HOME/bin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:.
v Oracle 9i:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/9.2.0.0.0; export ORACLE_HOMEORACLE_SID=or1; export ORACLE_SIDORACLE_DOC=$ORACLE_HOME/doc; export ORACLE_DOCORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data; export ORA_NLS33PATH=$ORACLE_HOME/bin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:.
pGznDbjM⌠ñ[W /usr/ucbANªCb PATH ]w
/usr/ccs/bin ßC
12. QUzⁿOAN]wm≤mG
$ . ./.profile
bziHlw Oracle FC\Aϕ Oracle σ≤ABwnΘCw@
Q¿ºßA ϕñtmⁿC
b HP-UX w Oracleb HP-UX tWw Oracle ºeA²¿UCG
1. H root ¡nJ HP-UX tC
2. t]A,nXWLwnDCp÷ΩTA
\ Oracle wΓUC
3. ⁿI Oracle ΩwG
$ mkdir /u01$ mkdir /u02
4. QUzⁿOAqDx SAM]uzL Meta ΩiµΩs,
(Sequential data Access via Metadata)v-íG
# sam
5. b SAM °íñA÷@UMsbßCeWuSAMGMs
bßv°íC
6. buSAMGMsbßv°íñA÷@UsCeWuSAMG
sv°íC
7. ΓsF@OWs dba sAt@OWs oinstall sC
8. buSAMGMsbßv°íñA÷@UCeW
uSAMGv°íC
9. @Ws oracle sCw∩sbßA¿UCBJG
3 Ωwtm 19
|
||||||
|
|
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
|
a. NbßuDnsv]wz oinstall sC
b. Nbßunsv]wz dba sC
c. ∩ul²vµΩsCbu⌠vµñAΘJ
/home/oracle @ oracle l²C
d. NnJ Shell ] /bin/shC
Oracle wíHobß⌡µCobßuwM@ OracleC
10. H Oracle ¡nJtG
# su - oracle
° Oracle bß umask ]wC
$ umask
umask ] 022CpGbß umask úO] 022AHUzⁿO]wªG
$ umask 022
P]tX≤∩ .profileC
11. b Oracle bß /home/oracle/.profile [JUCXµG
v Oracle 8i:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/8.1.7; export ORACLE_HOMEORACLE_SID=or1; export ORACLE_SIDORACLE_DOC=$ORACLE_HOME/doc; export ORACLE_DOCORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data; export ORA_NLS33PATH=$ORACLE_HOME/bin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:.
v Oracle 9i:
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASEORACLE_HOME=$ORACLE_BASE/product/9.2.0.0.0; export ORACLE_HOMEORACLE_SID=or1; export ORACLE_SIDORACLE_DOC=$ORACLE_HOME/doc; export ORACLE_DOCORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data; export ORA_NLS33PATH=$ORACLE_HOME/bin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:.
pGznDbjM⌠ñ[W /usr/ucbANªCb PATH ]w
/usr/ccs/bin ßC
12. QUzⁿOAN]wm≤mG
$ . ./.profile
bziHlw Oracle FC\Aϕ Oracle σ≤ABwnΘCw@
Q¿ºßA ϕñtmⁿC
b Windows w Oracleb Windows tWw Oracle ºeA²¿UCG
1. τzt,XWL Oracle wΓUñw∩z0Γ⌡µw¼
CXtDC
2. HwzbßnJ Windows tC
bziHlw Oracle FC
bwºßtm OraclepGzntm≤ Tivoli Identity Manager [c OracleA¿hßmw
@C
1. τ $ORACLE_HOME /dbs/init.ora ñsbUµG
20 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||
||||||
|
|
|
|
|
|
|
|
|
v Oracle 8i:
compatible=8.1.0
v Oracle 9i:
compatible=9.2.0.0
2. Ωw Tivoli Identity ManagerC
UO@iΩw SQL Script dCztX⌠DA≤
Script ñC
-- Create databaseCREATE DATABASE sample
CONTROLFILE REUSELOGFILE ’/u01/oracle/sample/redo01.log’ SIZE 1M REUSE,
’/u01/oracle/sample/redo02.log’ SIZE 1M REUSE,’/u01/oracle/sample/redo03.log’ SIZE 1M REUSE,’/u01/oracle/sample/redo04.log’ SIZE 1M REUSE
DATAFILE ’/u01/oracle/sample/system01.dbf’ SIZE 10M REUSEAUTOEXTEND ONNEXT 10M MAXSIZE 200M
CHARACTER SET UTF8;
-- Create another (temporary) system tablespaceCREATE ROLLBACK SEGMENT rb_temp STORAGE (INITIAL 100 k NEXT 250 k);
-- Alter temporary system tablespace online before proceedingALTER ROLLBACK SEGMENT rb_temp ONLINE;
-- Create additional tablespaces ...-- RBS: For rollback segments-- USERs: Create user sets this as the default tablespace-- TEMP: Create user sets this as the temporary tablespaceCREATE TABLESPACE rbs
DATAFILE ’/u01/oracle/sample/sample.dbf’ SIZE 5M REUSE AUTOEXTEND ONNEXT 5M MAXSIZE 150M;
CREATE TABLESPACE usersDATAFILE ’/u01/oracle/sample/users01.dbf’ SIZE 3M REUSE AUTOEXTEND ON
NEXT 5M MAXSIZE 150M;CREATE TABLESPACE temp
DATAFILE ’/u01/oracle/sample/temp01.dbf’ SIZE 2M REUSE AUTOEXTEND ONNEXT 5M MAXSIZE 150M;
-- Create rollback segments.CREATE ROLLBACK SEGMENT rb1 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb2 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb3 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;CREATE ROLLBACK SEGMENT rb4 STORAGE(INITIAL 50K NEXT 250K)
tablespace rbs;
-- Bring new rollback segments online and drop the temporary system oneALTER ROLLBACK SEGMENT rb1 ONLINE;ALTER ROLLBACK SEGMENT rb2 ONLINE;ALTER ROLLBACK SEGMENT rb3 ONLINE;ALTER ROLLBACK SEGMENT rb4 ONLINE;
ALTER ROLLBACK SEGMENT rb_temp OFFLINE;DROP ROLLBACK SEGMENT rb_temp ;
3 . N O r a c l e suqw] 5 0 W[ 1 5 0AΦksΦ
$ORACLE_HOME/dbs/init.ora PROCESSES C
: úP° Oracle suDiαjtºCNsu]AXz⌠
C
4. H alter sql ⁿOAN Oracle ϕµíqw]W[jC
SQL> alter database datafile ’location of DBF file\ENROLE1_DATA_001.DBF’ resize 500mSQL> alter database datafile ’Oracle db location of DBF file\ENROLE1_IDX_001.DBF’resize 500m
3 Ωwtm 21
|
|
|
|
SQL Server 2000 tm
Níw Microsoft SQL Server 2000 Tivoli Identity Manager emw
MßmwtmBJC
úO@íAú\ SQL Server 2000 wσ≤AoπΩTC
w SQL Server 2000b Windows tw SQL Server 2000 ºeA²¿UCG
1. ²ws SQL Server 2000 Service PackC
2. b SQL Server w@ºeAHzbßnJ Windows tC
bziHlw SQL Server FC
bwºßtm SQL Server 2000pGzntm≤ Tivoli Identity Manager [c SQL Server 2000A¿h
ßmw@C
1. MS SQL Server Enterprise ManagerC
2. VXíOC
a. ∩uπ -> SQL Server tme...
b. buwvW∩uSQL Server M Windows OvC
3. sΩwC
a. ²≡As² Microsoft SQL Server -> SQL Server SQL s -> ]
Windows NT -> ΩwC
b. ½kΣ÷@UΩwIA∩sΩwC
oeXuΩwev°íC
c. bu@δvWAΘJ itimdb @uWvµC
d. buΩvWAΘJUCΩTG
v ljp (MB)G20
v ∩uXjv∩C
v ∩uL¡XjvΩsC
e. buµ÷ΘxvΘJUCΩTG
v ljp (MB)G20
v ∩uXjv∩C
v ∩uL¡XjvΩsC
f. ÷@UTwC
22 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
4 ²°Atm
Níp≤tm²°ACoBJ]zºewgw²°AAiHt
m²°A Tivoli Identity Manager C
:
1. IBM Directory Server 5.1 iHw@ IBM DB2 ΩA²únwΓ IBM
DB2 ΩCpGnΣLΩTA\≤
http://www.ibm.com/software/network/directory IBM Directory Server σ≤Cp
ⁿΣ²°A÷ΩTA\ IBM Tivoli Identity Manager NC
2. pG IBM Directory Server 5.1 OºewAhiα]@3n²
WebSphere – Express ΩAo≡≡CpGnΣLΩTA\ 28
ybP@íqúW 5.1 M WebSphere Application ServerzC
3. ΩTD²°Aú¡ú≤sxBíσ≤NΩTC∩
≤zwΩTAp≤h÷ΩTA\ viiyeÑzñ
XHúúΣLXC
∩UC@G
v yIBM Directory Server tmz
v 29ySun ONE Directory Server tmz
IBM Directory Server tm
Níp≤tm IBM Directory ServerC
UCBJOw∩UCX⌡µG
dirserver_installdir
w IBM Directory Server ²CpG
v AIXG/usr/ldap/
v SolarisG
– IBM Directory Server 4.1 G/opt/IBMldapc/
– IBM Directory Server 5.1 G/opt/ldap/
v HP-UXG/usr/IBM/ldap/
v WindowsGc:\Program Files\IBM\ldap
cd_installdir
CD W²CpGnΣXAXz⌠ CDA\ 87² A,
yHMM≤úwMzñ CD1 íC
versionspecific_slapd
v IBM Directory Server 4.1 OH slapd @ⁿOAH slapd32.conf @
C
v IBM Directory Server 5.1 hH ibmslapd @ⁿOAH ibmslapd.conf
@C
© Copyright IBM Corp. 2004 23
|
my_suffix
z Tivoli Identity Manager rwq⌠≤Ap comC
pGntm IBM Directory ServerA⌡µUC@G
1. yⁿw Tivoli Identity Manager rz
2. y Tivoli Identity Manager tmπíz
3. 26y½s²°Az
4. 27y LDAP r½≤z
ⁿw Tivoli Identity Manager r
pGnⁿw Tivoli Identity Manager rAnJ IBM Directory Server tA
B⌡µUCBJG
1. bsΦ versionspecific_slapd.conf ºeA² ε IBM Directory ServerCIBM
Directory Server bl]w¬ Ab IBM Directory Server εm½
C
2. IBM Directory Server tmuπiµUC≤AOsΦUCG
v UNIX: <dirserver_installdir>/etc/versionspecific_slapd.conf
v Windows: <dirserver_installdir>\etc\versionspecific_slapd.conf
3. MΣo@µGibm-slapdSuffix: cn=localhost
4. b µU[Wßo@µGibm-slapdSuffix: dc=my_suffix
Σñ my_suffix NOz Tivoli Identity Manager wqrC
5. ÷tmñU@BA\y Tivoli Identity Manager tmπ
ízC
Tivoli Identity Manager tmπí
ziHbw Tivoli Identity Manager ºeºßAtmπíC
pGnMΣAXz⌠AjM 87² A, yHMM≤ú
wMzí CD 2CMΣUz²G
v AIXGDelRef/aix/
v HP-UXGDelRef/hpux/
v SolarisGDelRef/sun/
v WindowsGDelRef\nt\
MßMΣAϕG
v libdelref
Tivoli Identity Manager πíw
v timdelref
Tivoli Identity Manager tm
pGntmπíA⌡µUC@G
1. NUC Tivoli Identity Manager íwG
v AIXGlibdelref.a
24 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
: Y AIX W IBM Directory Server 5.2 AπXí
libdelrefids52.aCpMΣ Tivoli Identity Manager 4.5.1 ú
o÷ΩTA\ 87² A, yHMM≤úw
MzCw IBM Directory Server Patch P520A-00C Nns
libdelrefids52.a íwCp÷ΩTA\ IBM Tivoli Identity
Manager NC
v HP-UXGlibdelref.sl
v SolarisGlibdelref.so
v WindowsGlibdelref.dll
q CD 2 sUC²°AG
v UNIX: <dirserver_installdir>/lib
v Windows: <dirserver_installdir>\bin
2. N Tivoli Identity Manager tm timdelref.confAqAϕ CD ²sU
C²°A²G
v UNIX: <dirserver_installdir>/etc
v Windows: <dirserver_installdir>\etc
3. ∩UC²°AG
v UNIX: <dirserver_installdir>/etc/versionspecific_slapd.conf
v Windows: <dirserver_installdir>\etc\versionspecific_slapd.conf
⌡µUCBJG
a. bñjMo@µG
ibm-slapdPlugin: database path_to_rdbmfilename rdbm_backend_init
Σñ path_to_rdbmfilename tG
v AIXG/lib/libback-rdbm.a
v HP-UXG/lib/libback-rdbm.sl
v SolarisG/lib/libback-rdbm.so
v WindowsG/bin/libback-rdbm.dll
b. be@µUA≥ [WUzⁿO]NⁿOΘJ≤P@µG
v AIXG
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.a DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
: Y AIX W IBM Directory Serverr 5.2 Ab»zíñⁿw
libdelrefids52.a D libdelref.aCpMΣ Tivoli Identity Manager
4.5.1 úº libdelrefids52.a ÷ΩTA\ 87
² A, yHMM≤úwMzC
v HP-UXG
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.sl DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
v SolarisG
4 ²°Atm 25
|
|
|
|||
ibm-slapdPlugin: preoperation<dirserver_installdir>/lib/libdelref.so DeleteReferenceInitfile=<dirserver_installdir>/etc/timdelref.conf dn=dc=my_suffix
v WindowsG
ibm-slapdPlugin: preoperation "<dirserver_installdir>/bin/libdelref.dll"DeleteReferenceInit file="<dirserver_installdir>\etc\timdelref.conf"dn=dc=my_suffix
: Ynⁿw Windows W libdelref.dll M timdelref.conf ⌠A
N HAϕCAHuⁿw libdelref.dll
⌠C
4. ½s²°ACpGnΣLΩTA\y½s²°AzC
½s²°A
pGn ε½s IBM Directory ServerA⌡µUC@G
v WindowsGΘJUCⁿOG
net stop "IBM Directory Server version"net start "IBM Directory Server version"
Σñ version OⁿUC@ IBM Directory Server G
– V4.1
– V5.1
⌡µUC@G
1. ÷@Ul -> ]w -> εx -> zuπ -> AC
2. ½kΣ÷@U ″IBM Directory Server version″C
3. bí\αϕWA÷@UεAMßA÷@UC
4 . PπíOwg½stmCd
dirserver_installdir\var\versionspecific_slapd.log ñOⁿHU
TºG
¼ PREOPERATION íwgQqc:/Program Files/IBM/ldap/bin/libdelref.dll ⁿJ
v UNIXG
1. MßΘJUzⁿOG
ps -ef | grep versionspecific_slapd
2. Oϕe@ⁿOG ID (PID) XC
3. ΘJUí⌠Gkill <PID>
Σñ <PID> Q²e PID NC
4. Tw wg⌠AΦkO½⌡µ ps -ef | grep versionspecific_slapd
ⁿOAⁿOGSCX εC
5. ½s²°AA²s]wCΘJUzⁿOG
versionspecific_slapd
6. PπíOwg½stmCd
dirserver_installdir/var/ldap/versionspecific_slapd.log AoⁿU
TºG
26 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
¼ PREOPERATION íwgQq/usr/ldap/lib/libdelref.a ⁿJ
LDAP r½≤
b Tivoli Identity Manager LDAP r½≤ºeA²ⁿwrAMß½s
²°AC
pGn LDAP r½≤A⌡µUC@@G
v ⁿOµG@ suffix.ldif LDIF ApUG
dn: dc=my_suffixdc: my_suffixobjectclass: topobjectclass: domain
ldapadd ⁿOsWrC±ΦíAΘJUzⁿO]ΘJ≤P@µG
dirserver_installdir/bin/ldapadd -i full_path_to_suffix.ldif -D ldap_admin-w ldap_admin_password
v LDAP zDxGr½≤]N objectClass ] domainCUC
@nΘG
– IBM Directory Server 4.1 G²zuπ
– IBM Directory Server 5.1 GzDx
s IBM Directory Server zDx
pUs IBM Directory Server Web zDxG
1. b Windows WAΘJUCⁿOP IBM Directory Server 5.x @w
WebSphereG
ids_installdir\appsrv\startServer.bat server
2. Hs²UC⌠s IBM Directory Server zDxG
http://WAS_hostname/:9080/IDSWebApp/IDSjsp/Login.jsp
3. pGoOz@s IBM Directory Server zDxA⌡µUC@G
a. ΘJ ID ″superadmin″ MKX ″secret″AH Console Admin ¡≈nJC
b. ∩Dxz -> zDx°AC
c. sWs IBM Directory Server D≈WC
d. nXC
4. Ye@BJw¿A⌡µUC@G
a. ∩ IBM Directory Server zDxW LDAP D≈WC
b. ΘJW]τYAΘJ cn=rootMKXnJ IBM Directory ServerC
IBM Directory Server zDx
pU IBM Directory Server 5.1 Web zDxG
1. ÷@U²z -> sWC
2. ∩ domain @uc.½≤OvCMß÷U@BC
3. ún[WuU½≤OvC ÷U@BC
4. pGOu∩ DNvA[W dc=my_suffixC
5. pGOunvA[W my_suffixC
4 ²°Atm 27
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6. ÷@U¿C
7. ÷@U²z -> zC
o CXr dc=my_suffixAΣ½≤O domainC
Bz Windows W IBM Directory Server 5.2 ⌡µⁿ¡ε
w]Ab Windows W⌡µ IBM Directory Server 5.2 Σ 64 µs
uCMATivoli Identity Manager ΩA LDAP suxs@A¬F 100
]w]P IBM Directory Server PsuC
Ynεosu¡εDA⌡µUC@G
1. b ibmslapd.conf ñsΦUCq¿G
dn: cn=Front End, cn=Configuration
boq¿[JUo@µG
ibm-slapdsetenv: SLAPD_OCHANDLERS=number-of-threads
Σñ@⌡µⁿΣ 64 suC
2. ½s IBM Directory ServerC
pNµMΦk÷ΩTA\ IBM Tivoli Identity Manager Problem
Determination Guide ñí IBM Directory Server suxsDC
bP@íqúW 5.1 M WebSphere Application ServerpG IBM Directory Server 5.1 ºewgsbAΣw[ciα3btW
n² WebSphere – ExpressC
pGzO Tivoli Identity ManagerAΓ WebSphere Application Server wbP@
íqúWAow[cNú WebSphere – Express ΩCWebSphere –
Express M WebSphere Application Server mP@≡Cbw Tivoli Identity
Manager M WebSphere Application Server ºeAz²úh⌠≤iαP WebSphere
– Express o≡≡C
WebSphere Application Server OUCw]≡]wG
v HTTP Θ]≡ 1G9080
v HTTP Θ]SSLA≡ 2G9443
v HTTP Θ]≡ 3G9090
v HTTP Θ]≡ 4G9043
v Bootstrap/rmi ≡G2809
v í½≤sqT≤w (SOAP) s ≡G8880
ziHσrsΦAN WebSphere – Express C@w]≡A∩ú≡C
pA⌡µUC@G
v ∩UCñC@ HTTP Θ≡G
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\servers\server1\server.xmldirserver_installdir\appsrv\config\cells\DefaultNode\virtualhosts.xml
ΓUC HTTP Θ≡½¿ú≡G
28 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
|
– 9080
– 9443
– 9090
– 9043
v Bootstrap/rmi ≡G2809
MΣt≡ 2809 @µANª½¿ú≡C µObUoñG
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\serverindex.xml
v SOAP s ≡G8880
MΣt≡ 8880 @µANª½¿ú≡C µObUoñG
dirserver_installdir\appsrv\config\cells\DefaultNode\nodes\DefaultNode\serverindex.xml
Sun ONE Directory Server tm
: bUσϕñAmy_suffix Oⁿz Tivoli Identity Manager wq⌠≤rA
p comC
pGntm Sun ONE Directory ServerA⌡µUC@G
1. uiPlanet DxvC
oeXuiPlanet DxvnJ∩°íC
2. τuz URLvñ≡AΘJzKXAMß÷@UTwC
3. iJDx≡¼²ñ²°AA÷@UC
4. ∩utmvC
5. ½kΣ÷@U²°A≡¼cutmvWΩAMß÷@Us
rC
oeXus rv∩°íC
6. bus rv∩°íñusrvσrµñAΘJ dc=my_suffix
7. buΩwWvσrµñAΘJznΩwWC
pAΘJUzⁿOG
itimdb
8. pGS∩÷pΩw∩A∩ªAMß÷@UTwC
oeXuTv∩°íC
9. buTv∩°íñA÷@UOC
oeAu²°AvDxC
10. ∩u²vC
11. ½kΣ÷@U²°A≡¼cñ²°AWC
oeX@\αϕC
12. b\αϕus ½≤vUA∩ dc=my_suffixC
oeXus½≤v∩°íC
4 ²°Atm 29
13. ∩ domainAMß÷@UTwC
oeX dc=my_suffix uesΦv∩°íC
14. buesΦv∩°íñ÷@UTwC
oeAu²°AvDxC
15. ∩@AMß÷@U½s²°AC
oN]wF Sun ONE Directory ServerC
16. ¿UCAXj Tivoli Identity Manager °AiOΘG
a. ²°ADxAMß÷@UtmC
b. i²≡ñΩIAMß÷@UΩw]wC
c. ÷@U LDBM í]wC
d. zwΘΩΘOΘANuOΘjpW¡v]w]AϕC
pG Sun ONE Directory Server Owbªv≈WA≥zNo
]tiOΘ 75%C
e. ÷@UxsC
f. i Tivoli Identity Manager íIC
±ΦíAdc=comC
g. b Tivoli Identity Manager íIñ∩Ωw½≤AMß÷@UΩ
w]wC
h. zwΘΩΘOΘANuiOΘv]w]AϕC
pG Tivoli Identity Manager O@o²íA≥zN
oA]uLDBM í]wvW]wuOΘjpW¡v
60%C
i. ÷@UxsC
j. ÷@U@AMß½s²°AC
30 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
5 µ@°AwGTivoli Identity Manager °A
Níbµ@°AtmñwMtm Tivoli Identity Manager °A@C
pGqúºeSw WebSphere Application Server BaseAµ@°Aw
UC°≤AwUCíMM≤G
v WebSphere Application Server Base
pGtWSUC⌠≤@ANw IBM Tivoli Identity Manager
NC WebSphere Application ServerBM≤ 2 H APARS C
– WebSphere Application Server 5.0 ≤
– WebSphere Application Server Network Deployment
v IBM HTTP Server
pG IBM HTTP Server úsbApG¡≤ 1.3.26ANw IBM
HTTP ServerC
v WebSphere Embedded Messaging Σ
v Tivoli Identity Manager °A
: pGwgwF WebSphere Application Server 5.0Ah Tivoli Identity Manager u
w Tivoli Identity Manager °AC
÷SwíMM≤A\ IBM Tivoli Identity Manager N
C
w@UoΓíG
v ylºez
v 38yw Tivoli Identity Manager °Az
lºe
blºeA⌡µUC@G
v MwAϕ (CD) M≤w Tivoli Identity ManagerCpGnΣL
ΩTA\ 87² A, yHMM≤úwMzC
v pGzO Orac le zΩwAo Orac le JDBC Xí
]classes12.zip s²ñC
v TwUC Tivoli Identity Manager nΘb⌡µñG
ϕ 1. í
nΘ pGnΣLΩTA\
Ωw 11 3 , yΩwtmz
²°A 23 4 , y²°Atmz
v Twi íBΩOΘMΣLíDoXíXCpGnΣL
ΩTA\ IBM Tivoli Identity Manager NC
© Copyright IBM Corp. 2004 31
|
|
|
|
: YX IBM Tivoli Identity Manager N nwΘDñí
xsΘíDAwNóC
v pG Tivoli Identity Manager ww WebSphere Application ServerAh
tX IBM Tivoli Identity Manager N 95² B, y
WebSphere ⌠z ñíDC÷ WebSphere DΣLΩTA\
WebSphere Application Server úσ≤C
v TwzπTzv¡CpGSAoov¡AMß½s≈AA
ϕv¡C
buzsvñ]²úOuzvCuzsvñ
πUCv¡G
– @í@t
– HAínJ
pGnMw∩v¡A⌡µUC@G
1. ÷@Ul -> εxC
2. buεxvWA÷@Uzuπ -> ≈wh -> ≈h -> v
QⁿwC
3. ÷@UAϕv¡[H∩C
v pGºewgw WebSphere Application ServerABwguWebSphere s
wvAbw Tivoli Identity Manager ºßA¿nΓBJCΣL÷
ßmwΩTA\ 104 yµIípbw Tivoli Identity
Manager ºßΓBJzC≤÷uswvΩTA\ WebSphere
Application Server úσ≤C
v PqúWeOUCΩAMßn≤@G
– WebSphere Application Server Base MM≤ 2 OwgsbH
:
1. bw Tivoli Identity Manager ºeºßAzM IBM Tivoli Identity
Manager N ñw∩ⁿw¡xííMM≤
DC
2. pG WebSphere Application Server 5.0 MM≤ 2 ΓPsbAw
ío@I]¡≤ Windows 2000CpG WebSphere Application
Server 5.0 sbA²O Fix Pack 2 úsbAwíNú@hiTºA
²ONúw Fix Pack 2Cwí]N WebSphere Application Server
Network Deployment Fix Pack 2Cp÷ΩTA\ IBM Tivoli Identity
Manager NC
3. b Windows 2003 WAWebSphere Application Server Base M WebSphere
Application Server Network Deployment wGi]A Fix Pack 2C
– WebSphere Embedded Messaging ΣOwgsbHpGtWwg
WebSphere Application ServerAwNúd WebSphere Embedded
Messaging Σ]OsbCboípUApG WebSphere Embedded Messaging
ΣúsbAA⌡µ WebSphere Application Server wíw WebSphere
Embedded Messaging ΣC
: pGz²eHΓΦíw WebSphere M Fix Pack 2Ahiα 3w
WebSphere Embedded Messaging ΣCpGzºßMww Tivoli Identity
32 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
ManagerAhz²HΓΦíw WebSphere Embedded Messaging Σ
½s⌡µ Fix Pack 2AMß&w Tivoli Identity ManagerC
v τ WebSphere Application Server µ÷A]w≈jA¼HBz
Tivoli Identity Manager u@qC÷∩o]wΩTA\ 100
ytm WebSphere Application Server µ÷A]wzCpGzú∩]wBz
u@qA≥nDiαb@ 3¿ºeNOC
v pGzbqúWwFúu@ WebSphere Application ServerAM
≡DCpGnΣLΩTA\yM≡DzC
v bznw Tivoli Identity Manager qúWAyÑ⌠]wAϕAHTOy
ѵíoHδC
v WebSphere Application Server M≤ 2 ]Mw Web °AqúWC
bwM≤ºeA² ε Web °AC
: tmϕñiαnX WebSphere Web íAΣñ]Abπ WebSphere
Application Server Network Deployment qúWw WebSphere Web Server
íC
v TwbuScript @vqñAs² (Microsoft Internet Explorer) u@ñ Script
@v]uvCp⌡µ@÷ΩTA\ 54 y
Tivoli Identity Manager °AqTzC
v ¿tmΩTu@ϕC
M≡D
UOiαo≡DG
v bw Tivoli Identity Manager ºeA²Tw WebSphere 5.0 P@ SOAP ≡A
ObUCmwqG
– Uzñ com.ibm.ws.scripting.portG
WAS_HOME\properties\wsadmin.properties
– bUzñAserver1 SOAP_CONNECTOR_ADDRESS U≡G
WAS_HOME\config\cells\<cell_name>\nodes\node_name\serverindex.xml
pGoú@AUCBJ≤≡G
1. wsadmin.properties C
2. Γ com.ibm.ws.scripting.port A∩zb serverindex.xml ΣC
: pG] SOAP ≡úTAwóA≤≡WµAMß½s⌡µ
ITIM_HOME/bin/runConfig install ⁿOC
v wªºßApGΩD≈≡P Tivoli Identity Manager ú@ATivoli
Identity Manager nJKóC
Tivoli Identity Manager ΩD≈≡O 80 M 9443CpGwqTAh
≡ 9443C
bqúWw@ WebSphere °AΩAiH Tivoli Identity Manager w
ΩD≈≡AⁿwTC
5 µ@°AwGTivoli Identity Manager °A 33
|
|
|
|
|
²pGbP@íqúWwG WebSphere °AΩ]p Network Deployment
ManagerANW Network Deployment Manager ≡C±ΦíAΩD
≈≡W 80 81AH 9443 9444CzN≡½stm Tivoli Identity
Manager XC
pGn≤ΩD≈≡As WebSphere zDxAMß⌡µUC@G
1. ÷@U⌠ -> ΩD≈ -> w]D≈ -> D≈OWC
2. NΩD≈≡∩ 80 H 9443C
3. NtmxsbDnxswA∩N≤PIPBC
4. ÷@U≤s Web °AíAMßA÷@UTwC
5. ½sOC
µ@°AwΩTu@ϕ
blwºeA²¼UCΩTG
ΩwΩT
ziHw∩÷píΩwzt¼UCΩTG
z ID ______________________________
bwΩwz ID]db2InstanceName OⁿΩwΩ
CpAIBM DB2 w]pUG
v UNIXGdb2inst1
v WindowsGdb2admin
pGnΣLΩTA\ 11yIBM DB2 tmzC
zKX ______________________________
z ID KXC
ΩwW ______________________________
iⁿw Tivoli Identity Manager °As ΩwΦíCpGΩwOw
b⌠AhuΩwWvNOⁿΩwWC±ΦíAuΩwW
vO itimdbCpGΩwOwb⌠AhuΩwWvNOⁿ
ΩwOWWCΣL÷ catalog ⁿOⁿwΩwΩTA\ 14ytm IBM DB2 JDBC XízC
Ωw¼ ______________________________
tΩw¼CpAIBM DB2 NO@ΩwC
ΩwG
Ωw ______enrole__________________
Tivoli Identity Manager °AnJΩwbßC ID O
enroleC
: o ID Lk≤C
KX ______mypassword______________
Tivoli Identity Manager °AnJΩwbßKXC
34 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
IP ______________________________
Ωw°A IP CIBM DB2 úno@ΩC² Oracle M SQL
Server 2000 (SP3) Nno@ΩFC
≡ ______________________________
Ωw°A≡CIBM DB2 úno@ΩC² Oracle M SQL
Server 2000 (SP3) Nno@ΩFC
Aw°iUCΩwxs"ΩTCΩwxs"ΩTMw Tivoli Identity
Manager °AiH±Ωw JDBC suCpGnΣLΩTA\
IBM Tivoli Identity Manager tmΓUC
ziH⌠÷≤⌠DUCUG
leq
Tivoli Identity Manager °AiH±Ωw JDBC sul
eqW¡
Tivoli Identity Manager °AiH±Ωw JDBC suW¡
nJ≡ϕ
suíjϕ
²°AΩT
¼UCΩTG
D≈W ______________________________
²°AD≈πWCpAidentity1.mylab.mydomain.comC
¡zí DN m ______________________________
bumvµΘJ]pAdc=comAPzbtm LDAP
r]pAdc=comPCpGnΣLΩTA\ 23 4
, y²°AtmzC
zW ______________________________
buzWvµΘJAπb\h Tivoli Identity Manager
í eWXϕñC@δíAo±-qW≤
íC±ΦíAIBM Corporation NO@WC
: ziHboµΘJµr (ASCII) rArrC
w]g ______________________________
buw]gvµñΘJAOb IBM Directory Server í
ANϕzCoqO-qWgC±ΦíAibmcorp NO@
gC
: uw]gvµuαΘJµr (ASCII) rAp σ
IDC
°Ωxs ______________________________
°ΩxsAOtΩiµd\CziH⌠÷⌠
Dw] (1)C
5 µ@°AwGTivoli Identity Manager °A 35
≡ ______________________________
²°A Ñ≡Ap 389C
DΘ DN ______________________________
DΘOW IDCpAcn=rootC
KX ______________________________
bw²°ADΘOW ID KXC
Aw°i Tivoli Identity Manager °Aαs LDAP suxs
"UC LDAP suxs"ΩTµCpGnΣLΩTA\ IBM Tivoli
Identity Manager tmΓUC
ziH⌠÷≤⌠DUCUG
xsjpW¡
⌠≤ LDAP suxs"hiH su
xsljp
w∩ LDAP suxs"lsu
Wqp
@.suúbñACnD@suAN[J LDAP suxs"ϕñ
suC
WebSphere Application Server µ@°AwΩT
µ@°Atm WebSphere Application Server wπUCµCpGnΣL
ΩTA\ 95² B, y WebSphere ⌠zC
z ID ______________________________
pGnw WebSphere Application ServerANπo@CΣO
WebSphere Application Server M IBM HTTP Server AC ID π
UCv¡AhNLkw Tivoli Identity ManagerG
v @í@t
v HAínJ
zKX ______________________________
z ID KX
u@D≈W ______________________________
bw WebSphere Application Server Base ΩΘqúWD≈WAª
Obiµµ@°Aw@πCpGwgw WebSphere Application
Server BaseANúXoµC
: pGzOuAD≈tmqT≤wv(DHCP) Pwqú IP A
únπqúD≈WCungYiC
w² ______________________________
WebSphere Appl ica t ion Server Base w²CpA²
drive:\Program Files\WebSphere\AppServerC oµ°≤pUG
36 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
v pG Tivoli Identity Manager wnw WebSphere Application Server BaseA
N±go@C
v pGwgw WebSphere Application Server BaseAhiQª@Tº
C
IW ______________________________
wqIWAqúQⁿwPπTw IP D≈ºΩΘqú
D≈W@C
≡ ______________________________
WebSphere Application Server Ñ≡Cw]O 9090Co≡iH
&µCpGwgw WebSphere Application Server BaseANúXoµ
C
°AW ______________________________pGºewgwF WebSphere Application ServerAKXoµAú
zΘJ WebSphere Application Server WCoObiµµ@°AwAz
íp Tivoli Identity Manager WebSphere Application ServerC
w]w
UCµOXbuttmwvWC
u[Kv∩
iN Tivoli Identity Manager eñΩwKXBLDAP H
WebSphere Application Server z ID [KC
í°Az
i²z]wMTUCKXG
t
WebSphere Application Server ID MKXCzub
uWebSphere swvA&nΘJoΩC
103yJ2EE wzΓBJíAo ID
ⁿ≤ wasadminC
EJB
bw@ºe²wqMKXCzub
uWebSphere swvA&nΘJoΩC
103yJ2EE wzΓBJíAo ID
ⁿ≤ itimadminC
: pGoµbªXwgw²±nAΣñiαtwasadmin CNoµ∩ itimadminC
WebSphere Embedded Messaging °AMß
¼UCΩTG
w² ______________________________
oOw WebSphere Embedded Messaging Σ²C
5 µ@°AwGTivoli Identity Manager °A 37
IBM HTTP Server ΩT
¼UCΩTG
w² ______________________________
biµµ@°AwπCoµub WebSphere Application Server
M IBM HTTP Server ΓúSw&XCoOw IBM HTTP Server
²C
Tivoli Identity Manager ΩT
NU÷ Tivoli Identity Manager ΩTG
[K≈
o≈iHO⌠≤µryCΣO Tivoli Identity Manager KXM
ΣL≈Kσr[KC b e n R o l e . p r o p e r t i e s ñOxs
enrole.encryption.passwordC
Oⁿh
πzblt AΣΘx/lCtziH]w INFO M
FATAL ºíuOⁿhvµXA∩ΘxCOⁿhU
Y½AtαUA]oϕgΘxΩTU,C
l≤°AW
SMTP l≤°AObΣd≥CSMTP D≈Ol≤hDC
ID ____itim manager________
Tivoli Identity Manager IDCwºßw]O itim managerCb
nJ Tivoli Identity Manager Ao IDC
KX ____secret______________
Qⁿw itim manager Tivoli Identity Manager z ID KXC
bwºßYw]KXO secretC
: zbnJ Tivoli Identity Manager °AA≤zbßKXC
w Tivoli Identity Manager °A
UoyANíbµ@°Atmñw Tivoli Identity Manager °A
≤≥C
38 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
pGnbµ@°Atmϕñw Tivoli Identity Manager °AA¿UCBJG
1. 40y²luw∩vMuvv°íz
Encryption key
Pre-installsummary
Configuredatabase
ConfigureLDAP
ConfigureSystem
No
No
Yes
Yes
WebSpheresecurity?
WebSpherealready
installed?
EnterCredential
Enternode name,server name
ConfirmWebSphere
directory
Enter installationdirectory
Selectdatabase type
WebSphere,HTTP serverdirectories
Host nameWebSphere node
name
SingleServer
Cluster/Functional
ClusterInstallType?
ClusterInstall
WebSphereMQ directory
WindowsAdministrator UserID and Password
5. µ@°Awy (Windows)
5 µ@°AwGTivoli Identity Manager °A 39
2. 41y∩w¼Mw²z
3. 41y∩Ωwz
4. 41y¿µ@°Aw°íz
5. 43yⁿw WebSphere swz
6. 45yⁿw[K≈B\¬emwKnz
7. 46ywiMΣLtmíz
8. 53yµ@°AwΘxM²z
9. 53y¿wtmz
10. 54y Tivoli Identity Manager °AqTz
²luw∩vMuvv°í
wO)@tCuw∩vMuvv°íª⌡Cn²l°íA⌡µ
UC@G
1. nJznw Tivoli Identity Manager °AqúC
:
a. zπtzMvbßnJ (Administrator)C
2. N Tivoli Identity Manager ú CD íJ≈ñCpGnΣXAXz⌠
CDA\ 87² A, yHMM≤úwMzC
3. ÷@Ul -> ⌡µC
4. ΘJz≈NAMßAΘJUzⁿOG
instWIN-WAS.exe
oeuw∩v°íC
: YznJbßS⌡µ instWIN-WAS.exe \ivAhzPbß\i
v⌡µC
5. pGn≤weMyÑA÷@UΦe σUΣA∩t@
yÑAMß÷@UTwC
: o∩ú∩ Tivoli Identity Manager íHß⌡µyÑM
≤C
oeuvXv°íC
6. uw∩v°í
40 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
6. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿA ÷U@BC
∩w¼Mw²
oeu∩w¼v°íC
⌡µUC@G
1. ∩µ@°A∩AMß÷U@BC
oeu∩w²v°íC
2. ⁿw]w² c:\itim45A÷@U∩...A∩t@²C ÷U@BC
∩Ωw
oeu∩Ωw¼v°íC
∩UC@Ωw¼AMß÷U@BG
v IBM DB2 qΩw
v OracleCpGnΣLΩTA\ 16yTivoli Identity Manager Oracle
wMtmzC
v SQL Server 2000 (SP3). pGnΣLΩTA\ 22ySQL Server 2000
tmzC
¿µ@°Aw°í
pGS WebSphere Application Server M IBM HTTP ServerAhµ@°A
wpUG
7. u∩w¼v°í
5 µ@°AwGTivoli Identity Manager °A 41
1. eX@°íAnDzΘJ WebSphere Application ServerBIBM HTTP Server
H WebSphere Embedded Messaging °AMßw²C
ziH ⁿw]²A]iHΘJz0Γw WebSphere Application Server M
IBM HTTP Server ΣL²CpGOb Windows WAeXt@°íA
nDzΘJ WebSphere Embedded Messaging Σ²C ÷U@BC
: pGbTw WebSphere Application Server sbAhXt@
°íCpGbTw IBM HTTP Server sbAΣµNúX
bo°íC
2. UX@°íAúzΘJu@D≈WBIWH WebSphere
Application Server Ñ≡C
: pGwgw WebSphere Application ServerAh°íúzΘJ WebSphere
IWM WebSphere Application Server WCpGzO DHCP Pwq
ú IP AúnπqúD≈WCungYiC±ΦíA
identity1 OgA identity1.tivlab.raleigh.ibm.com hOπWC
8. uΘJUCΩw WebSphere Application Serverv°í
42 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
ziH ⁿw]A]iHA∩ªCMß÷U@BC
3. pG Tivoli Identity Manager nw WebSphere Application ServerAeXΣ
L°íAí WebSphere Application Server nDnΘCOϕoDA
÷@UTwC
4. oeX@°íAnDzΘJ Windows 2000 Administrator ID M
KXC±goµAMß÷@UTwCOo ID πUCv
¡G
v @í@t
v HAínJ
ⁿw WebSphere s w
oeuWebSphere wv°íC
: ubzwgw WebSphere Application Server ípUA&XuWebSphere
wMv°íC
9. uw WebSphere Application Server Base Ωv°í
5 µ@°AwGTivoli Identity Manager °A 43
pGuWebSphere swvA÷@Uw WebSphere wC
oXt@°íAnDzⁿw WebSphere Application Server ID MKXC
oNOb 103yJ2EE wzΓBJí wasadmin IDC
ΘJ ID MKXAMß÷U@BC
10. uWebSphere wv°í
11. uWebSphere zv°í
44 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
ⁿw[K≈B\¬emwKn
oeXuⁿw[K≈v°íAß≥ OuwKnv°íC
1. ΘJ[K≈A[K≈iHO⌠≤µryCΣO Tivoli Identity Manager
KXMΣL≈Kσr[KC b enRole.properties ñOxs
enrole.encryption.passwordC ÷U@BC
oeuemwKnv°íACXznw≤Bπi
íHw²]p c:\itim45C
2. ²Twwgπ íAMßA÷@UwC
pG Tivoli Identity Manager nw WebSphere Application ServerAhLF@q
íºßX@°íAnDzΘJt WebSphere Application Server wGi
X²C
3. pUⁿwwⁿIAMß÷@UU@BG
v Windows 2000: mount_point\nt
v Windows Server 2003, Enterprise Edition: mount_point\windows2003
bw@nDqA@tCwi°íCpGqúπn
ΩΦnXCU¡Aoqiαo°C
12. uⁿw[K≈v°í
5 µ@°AwGTivoli Identity Manager °A 45
|
|
wiMΣLtmí
wbYqw Tivoli Identity Manager °ACwºßAe
XΣL°íG
1. yTivoli Identity Manager Ωwltmz
2. 48yTivoli Identity Manager º²ltmz
3. 48yTivoli Identity Manager ltmz
Tivoli Identity Manager Ωwltm
oew∩UCtmA@Ωwtm°íG
v µ@°A
v bw Network Deployment Manager qúWAiµO\αOw
otmíiHtmeABb Tivoli Identity Manager Ωw]wϕµC
⌡µUC@G
1. ϕeXuTivoli Identity Manager Ωwtmv°íAΘJAϕC
13. uwiv°í
46 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
: Tivoli Identi ty Manager wús Oracle JDBC Xí
]classes12.zip CpGzO Oracle zΩwAhϕzΩ
wsuA¼ java.lang.ClassNotFoundException TºC
Yn≤oDA⌡µUC@G
a. ÷@U°AhXΩwtmí≥w@C
b. ϕw¿A⌡µUC@G
1) N Oracle JDBC Xí]classes12.zip qz²e
²szebΣWw IBM Tivoli Identity Manager ºqúW
ITIM_HOME/lib ²ñC
po Oracle JDBC Xí]classes12.zip º÷Ω
TA\ 87² A, yHMM≤úwMzC
ps²÷ΩTA\lw Tivoli Identity Manager ºe
n⌡µez@MµC
2) oXUCⁿOuΩwtmv°íG
ITIM_HOME\bin\DBConfig
3) ¿ΩwtmC
4) ε WebSphere Application ServerCUCⁿOG
WAS_HOME\bin\stopServer.bat servername
5) WebSphere Application ServerCUCⁿOG
WAS_HOME\bin\startServer.bat servername
2. ±g Tivoli Identity Manager ΩwΩwtmµCpGΩwO IBM
DB2AhuIP vMu≡vµe(ΓC²ΣLΩwú±goµ
C±ΦíAuΩwWvuOWvAO itimdb Cuz IDv
µAhOUC@G
v UNIXGdb2inst1
14. uΩwtmv°í
5 µ@°AwGTivoli Identity Manager °A 47
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
v WindowsGdb2admin
pGnΣLΩTA\ 12ytm IBM DB2 °AzC
3. ÷@UCϕzQΩwºßAuΩwtmv°íñu IDvM
uKXvµAK¿@ñµC
4. boµ±gAϕAMß÷@U≥C
Tivoli Identity Manager º²ltm
oew∩UCtmA@²°Atm°íG
v µ@°A
v bw Network Deployment Manager qúWAiµO\αOw
ziHΘJAϕA∩²°AiµltmAδ Tivoli Identity ManagerC
⌡µUC@G
1. ΘJuLDAP °AΩTvµC±ΦíAuD≈WvµANO⌡µ
²°AºqúπD≈WC
2. ÷@UCϕzQ²°AsuºßAu¡zí²ΩTv
qñµN¿@ñC
3. u¡zí DN mvO dc=my_suffixAªiHⁿw Tivoli Identity
Manager rCpGnΣLΩTA\ 24yⁿw Tivoli Identity
Manager rzCboµ±WAϕAMß÷@U≥C
Tivoli Identity Manager ltm
w¼ún Tivoli Identity Manager °Aúuttmv°íA
≤Ωw°AB²°AMΣLAG
15. u²tmv°í
48 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
1. u@δvO@tCtm Tivoli Identity Manager °Auttmv
ϕñ@C
u@δvµw²±nCΣL÷oµΩTA\ IBM
Tivoli Identity Manager tmΓUttmΩTC
2. ÷@U²C
oeu²v°íC
nA∩²°AΩTCpGoOO¿wA≥oΩT
Xºew∩ Network Deployment Manager ] LDAP WµC
3. ÷@UΩwC
oeuΩwv°íC
16. u@δv°í
17. u²v°í
5 µ@°AwGTivoli Identity Manager °A 49
4. ΘJ Tivoli Identity Manager ΩwuΩwWvsuΩTC±ΦíAuΩ
wWviαO itimdbCw] ID O enroleCpGoOO¿
wA≥oΩTXºew∩ Network Deployment Manager ]Ω
wWµC
5. ÷@UOⁿCoeuOⁿv°íC
6. ziH ⁿw] WARNA ⌠αqAΓo∩oyL@
IC
7. ÷@Ul≤A
ul≤v°íC
18. uΩwv°í
19. uOⁿv°í
50 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
8. bul≤vΘJAMß÷@UTwCΣL÷oµΩ
TA\ IBM Tivoli Identity Manager tmΓUC
:
a. u¡z°A URLvµANO Proxy °A URL ]pAIBM
HTTP ServerC
b. ΓH≤HA∩z⌠ Tivoli Identity Manager tzqll≤
Co@wn≤AhNeUúl≤WCqll≤
C
9. ÷@U UIC
oe UI °íC
20. ul≤v°í
21. UI °í
5 µ@°AwGTivoli Identity Manager °A 51
10. ⁿ UI w]A∩xMΩTAⁿwQ-qquw∩vπ
eM⌠CuMµjpviⁿw MµWCXXCp
GnΣLΩTA\ IBM Tivoli Identity Manager tmΓUCMß÷@U
TwC
11. ÷@UwC
oeuwv°íC
pGzuWebSphere swvAB]wΘJz ID MK
XA≥oµKw²±nCpGSuWebSphere swvAoµ
Ke#C
:
a. uEJB MKXvµlANOutMKXvµCz
iαo∩uEJB MKXvµCEJB ID °,≤ 12
rC
b. pGzbottmuwv°íñA≤ EJB ID EJB KX
A≥bw Tivoli Identity Manager ºßA⌡µ@ΓBJAN
wñΓ∩M ITIM Tivoli Identity ManagerCpGnΣL
ΩTA\ 103² C, ywqzC
12. ÷@UTwA¿ttmC
13. ATwΣL]AX⌡µ Tivoli Identity Manager M÷í
tmC
22. uwv°í
52 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
µ@°AwΘxM²
¿ttmºßAOoUCΘxmG
ϕ 2. wΘxWM²
W ²
dbConfig.stdoutldapConfig.stdoutitim45_installer_debug.txtrunConfig.stdout (on cluster install)runConfigTmp.stdout (on single server
and Network Deployment Manager)
ITIM_HOME\install_logs
itim45_install.stdoutitim45_install.stderr
t ²
Tivoli_Identity_Manager_InstallLog.log pGwQ¿Ah²
ITIM_HOMECpGwóAΘx±
b Windows αWC
log.txtihs_log.txtmq_install.logserver1/SystemOut.logitim.log
WAS_HOME\logs
ΣL÷ WebSphere Application Server ΘxΩTA\ WebSphere
Application Server σ≤C
¿wtm
pGzQn J2EE wA⌡µUC@G
v HΓΦí¿∩M@ABbw Tivoli Identity Manager ºßA½s J2EE
wCpGnΣLΩTA\ 104yµIípbw Tivoli Identity
Manager ºßΓBJzC
v Tw was.policy sbCpGnΣLΩTA\ 104 ytm
was.policy zC
bw Tivoli Identity Manager ºß runConfigbw Tivoli Identity Manager ºßAH runConfig ⁿOA¿UCíttmG
v ≤ enrole KXC
v ⁿwKX[KAH≤s Tivoli Identity Manager EJB ID MKXCpGn
ΣLΩTA\ 48yTivoli Identity Manager ltmzñAut
tmv°íWíC
ΣL÷ runConfig ⁿOΩTA\ IBM Tivoli Identity Manager tm
ΓUC
5 µ@°AwGTivoli Identity Manager °A 53
∩wyÑM≤
w Tivoli Identity Manager ºßApGw]yÑúO σA∩oMⁿ
Tivoli Identity Manager °AyÑM≤ CDCⁿOµíwyÑM≤C±
ΦíAΘJUo@µG
java -jar itimlp_setup.jar
oNiH Tivoli Identity Manager yÑM≤wíFCpGn¿yÑM≤
w@AϕwíeπUCⁿC
: n⌡µ Tivoli Identity Manager yÑM≤wíAα≈qⁿOµs Java
Runtime Environment 1.3.1C
Tivoli Identity Manager °AqT
pGnΩwB²°AM Tivoli Identity Manager °AOTtmAB
OqTA⌡µUC@G
1. JDBC XíATOªb⌡µñG
a. blºeA²Ωw°AM WebSphere Application Server úb⌡µ
ñCΣL÷ WebSphere Application Server ΩTA\ WebSphere
Application Server úσ≤C
b. s WebSphere Application Server zDxC
c. ÷@UΩ -> JDBC ΣCMß∩IC
d. ∩ d≥@°AAMß∩@°A]p server1A A÷@
UMC
e. JDBC úMµAMß÷ΓU ITIM JDBC úC
f. X∩A°uΣLevCMß÷@UΩC
g. b XuΩv∩ñA÷@UsuCoeX@h
TºAⁿXGC
pGóAΓ IBM DB2 ]wm≤TmCpGzΓ IBM
DB2 7.1 7.2 ftúnM≤Ab
WebSphere Application Server ºeA²⌡µ Shell ñ usejdbc2 Shell ScriptC
MßA@suCpGsuúqAτ enrole ID MKXOú
tmCpG IBM DB2 °AO°AANP@ IBM DB2
M≤hAMΩw°AMßC
: M≤ 3 N IBM DB2 7.1 ⌠Aα IBM DB2 7.2 @δ
ihCpGnΣLΩTA\ IBM Tivoli Identity Manager
NC
2. µ@°Aw Tivoli Identity Manager °ACpG°Aúb⌡µ
ñA Tivoli Identity Manager °AH⌠≤íCpGzO
IBM DB2A²Γ IBM DB2 ]wm≤mAA WebSphere
Application ServerC
÷@Ul -> í -> IBM WebSphere -> Application Server v5.0 ->
°AC]iHΘJUCeG
WAS_HOME\bin\startServer.bat servername
54 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
pG
WAS_HOME\bin\startServer.bat server1
3. nJ Tivoli Identity ManagerC±ΦíAbs²°íΘJUo@µG
http://hostname/enrole
Σñ hostname Oⁿ⌡µ Tivoli Identity Manager °AπqúW IP C
:
a. únqP@ßqúAΓWs²Ñq@CoΓÑq@
úOP@Ñq@ IDA]ΩiαúDC
b. bw Tivoli Identity Manager ºßAYOLkaX Tivoli Identity Manager n
JABS Tº#Ads² (Microsoft Internet
Explorer) w]wCuScript @vqñu@ñ Script @v
]uvC
pGnd≤]wA⌡µUC@G
1) bs²uπCWA÷@Uuπ -> ⌠⌠⌠∩C∩uwvC
2) buwvWA@÷@UUCTñC@AMß÷qh
C
v ⌠⌠⌠
v í⌠⌠
v H⌠
3) Nu]wvMµuScript @vAMßNu@ñ Script @v]
uvC
4) w∩C@CA÷@UTwC
5) pGúzuzTwHv∩A÷@UOC
c. pG Tivoli Identity Manager w@wF WebSphere Application Server M
Tivoli Identity Manager ºßAzoLknJA⌡µUC@G
1) NnXßAnJtC
2) AnJ Tivoli Identity ManagerC
3) pGLknJ Tivoli Identity ManagerA½s≈A]\iH≤Y⌠
]wM WebSphere Embedded Messaging ΣεCDC
d. pGzOQµ@nJ\αnJA∩yÑAN /language [b⌠
ßC±ΦíAΘJG
https://mysite.myco.com/itim/enrole/language
ΣL÷tm Web s²w]yÑA\ IBM Tivoli Identity Manager t
mΓUC
4. ΘJ Tivoli Identity Manager z ID (itim manager) MKX]≥ bw
ºßΘJA O ″secret″C
5. nBJA]ITIM CΣLΩTA\uWí
IBM Tivoli Identity Manager Policy and Organization Administration GuideC
pb⌡µñºBz÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
5 µ@°AwGTivoli Identity Manager °A 55
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
°A-NzíqT
pGnN Tivoli Identity Manager tft Tivoli Identity Manager NzíA
πúATO Tivoli Identity Manager °AMNzíºíqTwC
∩≤ Tivoli Identity Manager Nzºuñ (Certificate Authority)v
≤ ITIM_HOME\cert ²ñCpGzQDΣ¼A\ IBM Tivoli
Identity Manager tmΓUAHSwNzíwΓUC
:
1. @w@Nzí]wAB²Γ]wwªºßAAwt@Nz
í]wCpGPwh]wAiαó Tivoli Identity Manager °A
½s≈C
2. pGw]yÑúO σAbw@ Tivoli Identity Manager NzíºeA
²∩oMⁿ Tivoli Identity Manager NzíyÑM≤ CDCⁿ
OµíAb Tivoli Identity Manager °AwNzíyÑM≤G
java -jar itimlp_agents_setup.jar
oNiH Tivoli Identity Manager yÑM≤wíFCpGn¿yÑM
≤w@AϕwíeπUCⁿC
: n⌡µ Tivoli Identity Manager yÑM≤wíAα≈qⁿOµs Java
Runtime Environment 1.3.1C
56 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
6 OwGTivoli Identity Manager °A
Níp≤bO\αOtmϕñAwMtm Tivoli Identity Manager °A
CboºeA²\¬ 9y Tivoli Identity Manager WebSphere ⌠
¡εzC
:
1. bO⌠ñATivoli Identity Manager wúw WebSphere Application
ServerCbOw Tivoli Identity Manager ºeA²wMtm WebSphere
≤C
2. Tivoli Identity Manager wbOWA@@íqúC
3. ÷íMM≤A\IBM Tivoli Identity Manager N
.
w@UoΓíG
v ylºez
v 63yw Tivoli Identity Manager °Az
lºe
blºeA⌡µUC@G
v MwAϕ (CD) M≤w Tivoli Identity ManagerCpGnΣL
ΩTA\ 87² A, yHMM≤úwMzC
v pGzO Orac le zΩwAo Orac le JDBC Xí
]classes12.zip s²ñC
v Pw²sb≤z⌠W WebSphere Application Server tmAO 9y
Tivoli Identity Manager WebSphere ⌠¡εzC@tmC
v ¿BJc WebSphere Application Server Cell H@hOAoeN
b 59y Network Deployment Manager OzM 95ytm
Tivoli Identity Manager Ozñ[HíC
v TwUCUb⌡µñG
ϕ 3. Uoíb⌡µñ
nΘ ΣLΩTA\G
Ωw 11 3 , yΩwtmz
²°A 23 4 , y²°Atmz
Network Deployment Manager 99yTO Network Deployment Manager M
INzíb⌡µñzWebSphere Application Server INz
í
WebSphere Application Server JMS °A
oO WebSphere Embedded Messaging Σ
: pGºew WebSphere MQ 5.3 sbA\
95y WebSphere MQ 5.3 zC
© Copyright IBM Corp. 2004 57
|
|
|
|
v Xi íMΩOΘDCpGnΣLΩTA\ IBM
Tivoli Identity Manager NC
: YX IBM Tivoli Identity Manager N nwΘDñí
íΣLDAwNóC
v πTzv¡]zCpGSAoov¡AMß½s
≈AAϕv¡C
v M≡DCpGnΣLΩTA\yM≡DzC
v bznw Tivoli Identity Manager qúWAyÑ⌠]wAϕAHTOy
ѵíoHδC
v WebSphere Application Server M≤ 2 ]Mw Web °AqúWC
bwM≤ºeA² ε Web °AC
: tmϕñiαnX WebSphere Web íAΣñ]Abπ WebSphere
Application Server Network Deployment qúWw WebSphere Web Server
íC
v TwbuScript @vqñAs² (Microsoft Internet Explorer) u@ñ Script
@v]uvCp⌡µ@÷ΩTA\ 82 y
Tivoli Identity Manager °AqTzC
v ¿tmΩTu@ϕC
M≡D
UOiαo≡DG
v bw Tivoli Identity Manager ºeA²Tw WebSphere 5.0 P@ SOAP ≡A
ObUCmwqG
– Uzñ com.ibm.ws.scripting.portG
WAS_NDM_HOME\properties\wsadmin.properties
– bUzñAserver1 SOAP_CONNECTOR_ADDRESS U≡G
WAS_NDM_HOME\config\cells\cell_name\nodes\node_name\serverindex.xml
pGoú@AUCBJ≤≡G
1. wsadmin.properties C
2. Γ com.ibm.ws.scripting.port A∩zb serverindex.xml ΣC
:
1. pG] SOAP ≡úTAwóA≤≡WµAMß½s⌡µ
runConfig ⁿOC
2. pG WebSphere Application Server Network Deployment M WebSphere Application
Server OwbP@tWA serverindex.xml HM
WebSphere Application Server Network Deployment Manager ≡C
v wªºßApGΩD≈≡P Tivoli Identity Manager ú@ATivoli
Identity Manager nJKóC
Tivoli Identity Manager ΩD≈≡O 80 M 9443CpGwqTA
h≡ 9443C
58 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
bqúWw@ WebSphere °AΩAiH Tivoli Identity Manager w
ΩD≈≡AⁿwTC
²pGbP@íqúWwG WebSphere °AΩ]p Network Deployment
ManagerANW Network Deployment Manager ≡C±ΦíAΩD
≈≡W 80 81AH 9443 9444CzN≡½stm Tivoli Identity
Manager XC
pGn≤ΩD≈≡As WebSphere zDxAMß⌡µUC@G
1. ÷@U⌠ -> ΩD≈ -> w]D≈ -> D≈OWC
2. NΩD≈≡∩ 80 H 9443C
3. NtmxsbDnxswA∩N≤PIPBC
4. ÷@U≤s Web °AíAMßA÷@UTwC
5. ½sOC
Network Deployment Manager O
: ÷ⁿw WebSphere Cell ΩTA\ 95ytm Tivoli Identity
Manager OzC
pGnOABbOJO¿Abw Tivoli Identity Manager ºeA
WebSphere zDx⌡µUC@G
1. nJ Network Deployment Manager zDxC
2. b¬íµñA÷@U°A -> OC
3. ÷@UsC
oeXusOv∩C
4. ΘJsOWCpAΘJ ITIM_CLUSTERC
:
a. pGznhO\αOA½⌡µoABⁿw@O
WApA ⁿw ITIM_UI_CLUSTERA@ú Tivoli Identity Manager
hOWAⁿw ITIM_WF_CLUSTERA@ú Tivoli Identity
Manager u@yht@OWC
b. OjpgC
5. Mß÷U@BC
oeXusO°Av∩C
6. ]znXO¿nⁿwAΘJsO¿WA∩ΣIAMß
A÷@UMC
ousO°Av∩AKXO¿MµCdo
≈MµATwsO¿wg[JC
7. t[JΣLO¿AΦkOΘJC@sO¿WAB∩Σ
IC¿í[JºßAA÷U@BC
oeXuKnv∩ACXO¿Cdo≈KnATwO¿
WM°AWúSC
6 OwGTivoli Identity Manager °A 59
8. ÷@U¿C
9. ÷@UOAizO≡AMßAdΣ¿C
10. pGOTⁿwA÷@UOAA÷@UxsAΓsOxs Network
Deployment Manager DnxswCΣL÷OxswA\ WebSphere
Application Server ⌡!úΩTCpGnΩTA\ viiiy
úyzC
: bxstmA∩N≤PIPBC
11. ≤s Web °AíCYno≥A÷@U⌠ -> ≤s Web °A
í -> TwC
OwΩTu@ϕ
blwºeA²¼UCΩTG
ΩwΩT
ziHw∩÷píΩwzt¼UCΩTG
z ID ______________________________
bwΩwz ID]db2InstanceName OⁿΩwΩ
CpAIBM DB2 w]pUG
v UNIXGdb2inst1
v WindowsGdb2admin
pGnΣLΩTA\ 11yIBM DB2 tmzC
zKX ______________________________
z ID KXC
ΩwW ______________________________
iⁿw Tivoli Identity Manager °As ΩwΦíCpGΩwOw
b⌠AhuΩwWvNOⁿΩwWC±ΦíAuΩwW
vO itimdbCpGΩwOwb⌠AhuΩwWvNOⁿ
ΩwOWWCΣL÷ catalog ⁿOⁿwΩwΩTA\ 14ytm IBM DB2 JDBC XízC
Ωw¼ ______________________________
tΩw¼CpAIBM DB2 NO@ΩwC
ΩwG
Ωw ______enrole__________________
Tivoli Identity Manager °AnJΩwbßC ID O
enroleC
: o ID Lk≤C
KX ______mypassword______________
Tivoli Identity Manager °AnJΩwbßKXC
IP ______________________________
60 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
Ωw°A IP CIBM DB2 úno@ΩC² Oracle M SQL
Server 2000 (SP3) Nno@ΩFC
≡ ______________________________
Ωw°A≡CIBM DB2 úno@ΩC² Oracle M SQL
Server 2000 (SP3) Nno@ΩFC
Aw°iUCΩwxs"ΩTCΩwxs"ΩTMw Tivoli Identity
Manager °AiH±Ωw JDBC suCpGnΣLΩTA\
IBM Tivoli Identity Manager tmΓUC
ziH⌠÷≤⌠DUCUG
leq
Tivoli Identity Manager °AiH±Ωw JDBC sul
eqW¡
Tivoli Identity Manager °AiH±Ωw JDBC suW¡
nJ≡ϕ
suíjϕ
²°AΩT
¼UCΩTG
D≈W ______________________________
²°AD≈πWCpAidentity1.mylab.mydomain.comC
¡zí DN m ______________________________
bumvµΘJ]pAdc=comAPzbtm LDAP
r]pAdc=comPCpGnΣLΩTA\ 23 4
, y²°AtmzC
zW ______________________________
buzWvµΘJAπb\h Tivoli Identity Manager
í eWXϕñC@δíAo±-qW≤
íC±ΦíAIBM Corporation NO@WC
: ziHboµΘJµr (ASCII) rArrC
w]g ______________________________
buw]gvµñΘJAOb IBM Directory Server í
ANϕzCoqO-qWgC±ΦíAibmcorp NO@
gC
: uw]gvµuαΘJµr (ASCII) rAp σ
IDC
°Ωxs ______________________________
°ΩxsAOtΩiµd\CziH⌠÷⌠
Dw] (1)C
≡ ______________________________
6 OwGTivoli Identity Manager °A 61
²°A Ñ≡Ap 389C
DΘ DN ______________________________
DΘOW IDCpAcn=rootC
KX ______________________________
bw²°ADΘOW ID KXC
Aw°i Tivoli Identity Manager °Aαs LDAP suxs
"UC LDAP suxs"ΩTµCpGnΣLΩTA\ IBM Tivoli
Identity Manager tmΓUC
ziH⌠÷≤⌠DUCUG
xsjpW¡
⌠≤ LDAP suxs"hiH su
xsljp
w∩ LDAP suxs"lsu
Wqp
@.suúbñACnD@suAN[J LDAP suxs"ϕñ
suC
WebSphere Application ServerOwΩT
Otm WebSphere Application Server wπUCµCpGnΣLΩTA
\ 95ytm Tivoli Identity Manager OzC
OW _____________________________zºebc WebSphere Application Server Cell OWCpG
Oµ@OA ITIM_CLUSTER WCpGO\αOA
ITIM_UI_CLUSTER M ITIM_WF_CLUSTER WCiµµ@°AwA
úXoµC
: zΘJOWMΣL WebSphere IDAújpgC
w² ______________________________
WebSphere Application Server Base w²CpASolaris w]²O
/opt/WebSphere/AppServerCpGwgw WebSphere Application Server BaseA
NΓoµϕ@C
Oⁿh
πzblt AΣΘx/lCtziH]w INFO M
FATAL ºíuOⁿhvµXA∩ΘxCOⁿhU
Y½AtαUA]oϕgΘxΩTU,C
l≤°AW
SMTP l≤°AObΣd≥CSMTP D≈Ol≤hDC
w]w
UCµOXbuttmwvWC
u[Kv∩
iN Tivoli Identity Manager eñΩwKXBLDAP H
WebSphere Application Server z ID [K
62 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
í°Az
i²z]wMTUCKXG
t
WebSphere Application Server ID MKXCzub
uWebSphere swvA&nΘJoΩCoNO
b 103yJ2EE wzΓBJí wasadmin
IDC
EJB
bw@ºe²wqMKXCzub
uWebSphere swvA&nΘJoΩCoNO
b 103yJ2EE wzΓBJí itimadmin
IDC
: pGoµbªXwgw²±nAΣñiαtwasadmin CNoµ∩ itimadminC
Tivoli Identity Manager ΩT
NU÷ Tivoli Identity Manager ΩTG
[K≈
o≈iHO⌠≤µryCΣO Tivoli Identity Manager KXM
ΣL≈Kσr[KC b e n R o l e . p r o p e r t i e s ñOxs
enrole.encryption.passwordC
Oⁿh
πzblt AΣΘx/lCtziH]w INFO M
FATAL ºíuOⁿhvµXA∩ΘxCOⁿhU
Y½AtαUA]oϕgΘxΩTU,C
l≤°AW
SMTP l≤°AObΣd≥CSMTP D≈Ol≤hDC
ID ____itim manager________
Tivoli Identity Manager IDCwºßw]O itim managerCb
nJ Tivoli Identity Manager Ao IDC
KX ____secret______________
Qⁿw itim manager Tivoli Identity Manager z ID KXC
bwºßYw]KXO secretC
: zbnJ Tivoli Identity Manager °AA≤zbßKXC
w Tivoli Identity Manager °A
UoyANíbOtmñw Tivoli Identity Manager °A≤≥
C
6 OwGTivoli Identity Manager °A 63
Γ Tivoli Identity Manager °AwbOtmñG
: w Tivoli Identity Manager °AA²oAXz⌠ CDCpG
nΣLΩTA\ 87 ² A, yHMM≤úwM
zC
1. wbw Network Deployment Manager qúWCwAú Tivoli Identity
Manager ΩwM²°AltmC
2. wbC@íπO¿qúWC
23. Owy
64 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
: TwzºeTΩwg¿ 57ylºezúBJC
pGnw Tivoli Identity Manager °AA⌡µUC@G
1. y²luw∩vMuvv°íz
2. 66y∩w¼Mw]w²z
3. 67y∩Ωwz
4. 67y¿Owz
5. 70yⁿw WebSphere swz
6. 72yⁿw[K≈B\¬emwKnz
7. 73ywiMΣLtmíz
8. 80yOwΘxM²z
9. 80y¿wtmz
10. 82y Tivoli Identity Manager °AqTz
²luw∩vMuvv°í
wO)@tCuw∩vMuvv°íª⌡CpGn²l°íA
⌡µUC@G
1. nJznw Tivoli Identity Manager °AqúC
:
a. zπtzMvbßnJ (Administrator)C
2. N Tivoli Identity Manager ú CD íJ≈ñC
3. ÷@Ul -> ⌡µC
4. ΘJz≈NAMßAΘJUzⁿOG
instWIN-WAS.exe
oeuw∩v°íC
: YznJbßS⌡µ instWIN-WAS.exe \ivAhzPbß\i
v⌡µC
5. pGn≤weMyÑA÷@UΦe σUΣA∩t@
yÑAMß÷@UTwC
24. uw∩v°í
6 OwGTivoli Identity Manager °A 65
|
|
|
: o∩ú∩ Tivoli Identity Manager íHß⌡µyÑM
≤C
oeuvXv°íC
6. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
∩w¼Mw]w²
oeu∩w¼v°íC
1. ∩O\αOAMß÷U@BC
: oXß≥°íA²zⁿw\αOOúO UI WF h@íCp
Gz∩O@w¼ANúXo°íC
oeu½nΩTv°íC
2. τ WebSphere Network Deployment Manager M WebSphere INzí
úiHB@AMßA≥iµCpGnΣLΩTA\ 99yTO
Network Deployment Manager MINzíb⌡µñzCMß÷U@BC
oeu∩w²v°íC
3. ⁿ Tivoli Identity Manager w] c:\itim45 w²AO÷@U∩... ¿Σúⁿwt@²CMß÷U@BC
:
a. bOtmñA∩OñCíqúW Tivoli Identity Manager w²ⁿw
PmCbwºeA²Twz∩mNúAϕíiw
bCíqúWC
25. u∩w¼v°í
66 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
b. bO⌠]@δ\αOñAO¿w²WúO
PCⁿwP²AKyßbúPO¿qúWoO HR
í⌡µDCpAbO¿qúWⁿw \itim45
²CADSML ¡≈ΘJMebC@IP@²
ñC
∩Ωw
oeu∩Ωw¼v°íC
∩UC@Ωw¼AMß÷U@BG
v IBM DB2 qΩw
v OracleCpGnΣLΩTA\ 16yTivoli Identity Manager Oracle
wMtmzC
v SQL Server 2000 (SP3). pGnΣLΩTA\ 22ySQL Server 2000
tmzC
¿Ow
oeu∩OI¼v°íC
1. ∩@I¼Cz²Γ Tivoli Identity Manager wbww Network
Deployment Manager qúWAAΓ Tivoli Identity Manager wbO¿WC
: z]iHΓ Network Deployment Manager MO¿AwbP@íqúWC
úLoíqúπnOΘBtMiíAiHtXBu@
qC
oeu∩\αO¿Ωµv°íC
26. u∩OI¼v°í
6 OwGTivoli Identity Manager °A 67
|
|
|
|
|
: pGzºeOⁿw\αO@w¼ANXUo°íCpGz∩O@w¼ANúXo°íC
2. pGO\αOA∩oíqúOuUI Ov¿AOuu@yOv¿C
Mß÷U@BC
: únPⁿw UI O¿Mu@yO¿P@íqúC
oeX@Ω°íAnDzΘJ@hOWC
3. pGOµ@]@δOAΘJ@OWAp itim_clusterC
27. u∩\αO¿Ωµv°í
68 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
∩aApGw¼O\αOAo°íKnDzΘJhOWC
4. ΘJzºewq Network Deployment Manager OWCMß÷U@BC
pGOO¿wAoeKX@uΘJ LDAP ²ΩTv°íC
28. uWebSphere Application Server Ωv°í]OW
29. uWebSphere Application Server Ωv°í]\αOw
6 OwGTivoli Identity Manager °A 69
: pG Tivoli Identity Manager wOⁿw Network Deployment ManagerAN
úXo°íC
5. buLDAP ²ΩTv°íµñAΘJzºeXºΩTu@ϕΩC
C@O¿oΩTAúXzºeb Network Deployment Manager i
µDn Tivoli Identity Manager wAs@ LDAP WµCC@O¿
ΩTú PCpGnΩTA\ 61 y²°AΩ
TzCMß÷U@BC
ⁿw WebSphere s w
oeuWebSphere wv°íC
30. uLDAP ²ΩTv°í
70 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
pGuWebSphere swvA÷@Uw WebSphere wC
oXt@°íAnDzⁿw WebSphere Application Server ID MKXC
oNOb 103yJ2EE wzºΓBJí wasadmin IDC
ΘJ ID MKXAMß÷U@BC
31. uWebSphere wv°í
32. uWebSphere zv°í
6 OwGTivoli Identity Manager °A 71
ⁿw[K≈B\¬emwKn
oeXuⁿw[K≈v°íAß≥ OuwKnv°íC
1. ΘJ[K≈A[K≈iHO⌠≤µryCΣO Tivoli Identity Manager
KXMΣL≈Kσr[KC b enRole.properties ñOxs
enrole.encryption.passwordCMß÷U@BC
oeuemwKnv°íACXznw≤Bπi
íHw²]p c:\itim45C
2. ²Twwgπ íAMßA÷@UwC
bw@nDqA@tCwi°íCpGqúπn
ΩΦnXCU¡Aoqiαo°C
33. uⁿw[K≈v°í
72 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
wiMΣLtmí
wbYqw Tivoli Identity Manager °ACwºßAe
XΣL°íG
1. ub WebSphere Network Deployment Manager qúWiµw@A&
XUC°íG
a. ΩwtmCpGnΣLΩTA\yTivoli Identity Manager Ωw
ltmzC
b. ²°ACpGnΣLΩTA\ 75yTivoli Identity Manager
º²ltmzC
2. b WebSphere Network Deployment Manager O¿qúWiµw@
LñA@ttm°íA²ztm Tivoli Identity ManagerCpGnΣ
LΩTA\ 75yTivoli Identity Manager ltmzC
Tivoli Identity Manager Ωwltm
oew∩UCtmA@Ωwtm°íG
v µ@°A
v bw Network Deployment Manager qúWAiµO\αOw
otmíiHtmeABb Tivoli Identity Manager Ωw]wϕµC
⌡µUC@G
1. ϕeXuTivoli Identity Manager Ωwtmv°íAΘJAϕC
34. uwiv°í
6 OwGTivoli Identity Manager °A 73
: Tivoli Identi ty Manager wús Oracle JDBC Xí
]classes12.zip CpGzO Oracle zΩwAhϕzΩ
wsuA¼ java.lang.ClassNotFoundException TºC
Yn≤oDA⌡µUC@G
a. ÷@U°AhXΩwtmí≥w@C
b. ϕw¿A⌡µUC@G
1) N Oracle JDBC Xí]classes12.zip qz²e
²szebΣWw IBM Tivoli Identity Manager ºqúW
ITIM_HOME/lib ²ñC
po Oracle JDBC Xí]classes12.zip º÷Ω
TA\ 87² A, yHMM≤úwMzC
ps²÷ΩTA\lw Tivoli Identity Manager ºe
n⌡µez@MµC
2) oXUCⁿOuΩwtmv°íG
ITIM_HOME\bin\DBConfig
3) ¿ΩwtmC
4) εO¿°AC
5) O¿°AC
2. ±g Tivoli Identity Manager ΩwΩwtmµCpGΩwO IBM
DB2AhuIP vMu≡vµe(ΓC²ΣLΩwú±goµ
C±ΦíAuΩwWvuOWvAO itimdb Cuz IDv
µAhOUC@G
v UNIXGdb2inst1
v WindowsGdb2admin
pGnΣLΩTA\ 12ytm IBM DB2 °AzC
35. uΩwtmv°í
74 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3. ÷@UCϕzQΩwºßAuΩwtmv°íñu IDv
MuKXvµAK¿@ñµC
4. boµ±gAϕAMß÷@U≥C
Tivoli Identity Manager º²ltm
oew∩UCtmA@²°Atm°íG
v µ@°A
v bw Network Deployment Manager qúWAiµO\αOw
ziHΘJAϕA∩²°AiµltmAδ Tivoli Identity ManagerC
⌡µUC@G
1. ΘJuLDAP °AΩTvµC±ΦíAuD≈WvµANO⌡µ
²°AºqúπD≈WC
2. ÷@UCϕzQ²°AsuºßAu¡zí²ΩTv
qñµN¿@ñC
3. u¡zí DN mvO dc=my_suffixAªiHⁿw Tivoli Identity
Manager rCpGnΣLΩTA\ 24yⁿw Tivoli Identity
Manager rzCboµ±WAϕAMß÷@U≥C
Tivoli Identity Manager ltm
w¼únuttmv°íW Tivoli Identity Manager °Aú
A≤Ωw°AB²°AMΣLAG
1. u@δvO@tCtm Tivoli Identity Manager °Auttmv
ϕñ@C
36. u²tmv°í
6 OwGTivoli Identity Manager °A 75
u@δvµw²±nCΣL÷oµΩTA\ IBM
Tivoli Identity Manager tmΓUttmΩTC
2. ÷@U²C
oeu²v°íC
nA∩²°AΩTCpGoOO¿wA≥oΩT
Xºew∩ Network Deployment Manager ] LDAP WµC
pGoOO¿wAz÷sC÷@UCo X
@°íAiDzwgQsuC÷@UTwA÷¼°íC
3. ÷@UΩwC
oeuΩwv°íC
37. u@δv°í
38. u²v°í
76 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
4. ΘJ Tivoli Identity Manager ΩwuΩwWvsuΩTC±ΦíAuΩ
wWviαO itimdbCw] ID O enroleCpGoOO¿
wA≥oΩTXºew∩ Network Deployment Manager ]Ω
wWµC
pGoOO¿wAz÷sC÷@UCpGQ
ªANuΩwxs"ΩTvqñΣlµC÷@UTwA÷¼°
íC
5. ÷@UOⁿCoeuOⁿv°íCziH ⁿw] WARNA
⌠αqAΓo∩oyL@IC
6. ÷@Ul≤A
ul≤v°íC
39. uΩwv°í
40. uOⁿv°í
6 OwGTivoli Identity Manager °A 77
7. bul≤vΘJAMß÷@UTwCΣL÷oµΩ
TA\ IBM Tivoli Identity Manager tmΓUC
:
a. u¡z°A URLvµANO Proxy °A URL ]pAn
J Tivoli Identity Manager IBM HTTP ServerC
b. ΓH≤HA∩z⌠ Tivoli Identity Manager tzqll≤
Co@wn≤AhNeUúl≤WCqll≤
C
8. ÷@U UIC
oe UI °íC
41. ul≤v°í
42. UI °í
78 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
9. ⁿ UI w]A∩xMΩTAⁿwQ-qquw∩vπ
eM⌠CuMµjpviⁿw MµWCXXCp
GnΣLΩTA\ IBM Tivoli Identity Manager tmΓUCMß÷@U
TwC
10. ÷@UwC
oeuwv°íC
pGzºe∩∩ WebSphere Application Server wAoµNw
²±nCpGS WebSphere Application Server wAoµNOd#C
:
a. uEJB MKXvµlANOutMKXvµCz
iαo∩uEJB MKXvµCEJB ID °,≤ 12
rC
b. pGzbottmuwv°íñA≤ EJB ID EJB KX
A≥bw Tivoli Identity Manager ºßA⌡µ@ΓBJAN
wñΓ∩M ITIM Tivoli Identity ManagerC
11. ÷@UTwA¿ttmC
12. ATwΣL]AX⌡µ Tivoli Identity Manager M÷í
tmC
43. uwv°í
6 OwGTivoli Identity Manager °A 79
OwΘxM²
¿ttmºßAOoUCwΘxmG
ϕ 4. wΘxWM²
W ²
dbConfig.stdoutldapConfig.stdoutitim45_installer_debug.txtrunConfig.stdout]OwrunConfigTmp.stdout (on single server
and Network Deployment Manager)
ITIM_HOME/install_logs
itim45_install.stdoutitim45_install.stderr
t ²
Tivoli_Identity_Manager_InstallLog.log pGwQ¿Ah²
ITIM_HOMECpGwóAΘx±
bWindows αWC
÷ WebSphere Application Server wΘxA\ WebSphere Application
Server σ≤C
¿wtm
pGzQn J2EE wA⌡µΓBJA¿∩M@ABbw Tivoli
Identity Manager ºßA½s J2EE wCpGnΣLΩTA\UC@
G
v 104yµIípbw Tivoli Identity Manager ºßΓBJz
v 107yhIípbw Tivoli Identity Manager ºßΓBJz
v Tw was.policy sbCpGnΣLΩTA\ 108 ytm
was.policy zC
bw Tivoli Identity Manager ºß runConfigbw Tivoli Identity Manager ºßAH runConfig ⁿOA¿UCíttmG
v ≤ enrole KXC
v ⁿwKX[KAH≤s Tivoli Identity Manager EJB ID MKXCpGn
ΣLΩTA\ 75yTivoli Identity Manager ltmzñAut
tmv°íWíC
ΣL÷ runConfig ⁿOΩTA\ IBM Tivoli Identity Manager tm
ΓUC
∩wyÑM≤
w Tivoli Identity Manager ºßApGw]yÑúO σA∩oMⁿ
Tivoli Identity Manager °AyÑM≤ CDCⁿOµíwyÑM≤C±
ΦíAΘJUo@µG
java -jar itimlp_setup.jar
80 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
oNiH Tivoli Identity Manager yÑM≤wíFCpGn¿yÑM≤
w@AϕwíeπUCⁿC
: n⌡µ Tivoli Identity Manager yÑM≤wíAα≈qⁿOµs Java
Runtime Environment 1.3.1C
∩wq HTTP Ñq@≥
ziH∩ WebSphere Application Server wq HTTP Ñq@≥CΣL
ΩTA\ WebSphere ΩTñ HTTP Ñq@zσ≤C
: Y WebSphere Application Server b Tivoli Identity Manager OϕñóFA
Ñq@≥]ú²@δPo@IC
τµ÷A]w
τ WebSphere Application Server µ÷A]w≈jA¼HBz Tivoli
Identity Manager u@qC÷∩o]wΩTA\ 100ytm
WebSphere Application Server µ÷A]wzCpGzú∩]wBzu@
qA≥nDiαb@ 3¿ºeNOC
≤s Web °Aí
w¿ºßA≤s Web °AíCYno≥As WebSphere
Application Server zDxAMß÷@U⌠ -> ≤s Web °Aí -> T
wC
O
wªABnw∩]ú¿ºßA½sOCb
WebSphere zDx⌡µUC@G
1. ÷@U°A -> OC
2. ∩ Tivoli Identity Manager OC
3. ÷@UC Tivoli Identity Manager bOC
ziH∩bOϕñ⌠≤qúROúí⌡µUzⁿOAO¿
G
ITIM_DIR\bin\win\ssCluster start
:
1. bww Network Deployment Manager qúW⌡µoⁿOAπOC
2. oⁿO] JMS °AC
ziH∩bOϕñ⌠≤qúROúí⌡µUzⁿOA εO¿
G
ITIM_DIR\bin\win\ssCluster stop
: bww Network Deployment Manager qúW⌡µoⁿOA επOC
6 OwGTivoli Identity Manager °A 81
Tivoli Identity Manager °AqT
pGnΩwB²°AM Tivoli Identity Manager °AOTtmAB
OqTA⌡µUC@G
1. JDBC XíATOXíbSwO¿W⌡µG
a. blºeA²Ωw°AM WebSphere Application Server úb⌡µ
ñCΣL÷ WebSphere Application Server ΩTA\ WebSphere
Application Server úσ≤C
b. Γ IBM DB2 ]wm≤TmCpGzΓ IBM DB2 7.1 7.2
ftúnM≤Ab WebSphere Application
Server ºeA²⌡µ Shell ñ usejdbc2 Shell ScriptCMßA@suC
pGsuúqAτ enrole ID MKXOú tmCpG IBM
DB2 °AO°AANP@ IBM DB2 M≤hAM
Ωw°AMßC
: M≤ 3 N IBM DB2 7.1 ⌠Aα IBM DB2 7.2 @δ
ihCpGnΣLΩTA\ IBM Tivoli Identity Manager
NC
c. s WebSphere Application Server zDxC
d. ÷@UΩ -> JDBC ΣCMß∩IC
e. ÷@Us²°ACMß∩°AAA÷@UMC
f. JDBC úMµAMß÷ΓU ITIM JDBC úC
g. Γ X∩AuΣLevíµCMßbuΣLevíµ
ñA÷@UΩC
h. b XuΩv∩ñA÷@UsuCoeX@h
TºAⁿXGC
2. Tivoli Identity Manager °AH⌠≤íC
÷@Ul -> í -> IBM WebSphere -> Application Server v5.0 ->
°AC
3. nJ Tivoli Identity ManagerC±ΦíAbs²°íΘJUo@µG
http://hostname/enrole
Σñ hostname Oⁿ⌡µ Tivoli Identity Manager °AπqúW IP C
:
a. únqP@ßqúAΓWs²Ñq@CoΓÑq@
úOP@Ñq@ IDA]ΩiαúDC
b. pGzOQµ@nJ\αnJA∩yÑAN /language [b⌠
ßC±ΦíAΘJG
https://mysite.myco.com/itim/enrole/language
ΣL÷tm Web s²w]yÑA\ IBM Tivoli Identity Manager t
mΓUC
82 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
c. bw Tivoli Identity Manager ºßAYOLkaX Tivoli Identity Manager n
JABS Tº#Ads² (Microsoft Internet
Explorer) w]wCuScript @vqñu@ñ Script @v]
uvC
pGnd≤]wA⌡µUC@G
1) bs²uπCWA÷@Uuπ -> ⌠⌠⌠∩C∩uwvC
2) buwvWA@÷@UUCTñC@AMß÷qh
C
v ⌠⌠⌠
v í⌠⌠
v H⌠
3) Nu]wvMµuScript @vAMßNu@ñ Script @v]
uvC
4) w∩C@CA÷@UTwC
5) pGúzuzTwHv∩A÷@UOC
4. ΘJ Tivoli Identity Manager z ID (itim manager) MKX]≥ bw
ºßΘJA O ″secret″C
5. nBJA]ITIM CΣLΩTA\uWí
IBM Tivoli Identity Manager Policy and Organization Administration GuideC
pb⌡µñºBz÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
°A-NzíqT
pGnN Tivoli Identity Manager tft Tivoli Identity Manager NzíA
πúATO Tivoli Identity Manager °AMNzíºíqTwC
∩≤ Tivoli Identity Manager Nzºuñ (Certificate Authority)v
≤ ITIM_HOME\cert ²ñCpGzQDΣ¼A\ IBM Tivoli
Identity Manager tmΓUAHSwNzíwΓUC
:
1. @w@Nzí]wAB²Γ]wwªºßAAwt@Nz
í]wCpGPwh]wAiαó Tivoli Identity Manager °A
½s≈C
2. ϕC@Nz]wúwbπ WebSphere Application Server Network
Deployment qúWA≤sUCG
ITIM_HOME\data\CustomLabels.properties
oΦ]tXbⁿw]w¼ºbß ITIM GUI ñα½C
w∩wbπ WebSphere Application Server Network Deployment ºqúC@
Nz]wAz]≤s CustomLabels.properties AªbC@ UI O
¿]YO3\αO@AhO¿WúCzqπ
W e b S p h e r e A p p l i c a t i o n S e r v e r N e t w o r k D e p l o y m e n t qúN
CustomLabels.properties H FTP eC@O¿C
6 OwGTivoli Identity Manager °A 83
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3. bOtmϕñAwNzí]w@C≤nbOtmwNz
í]wA\SwNzíNzíwΓUC
4. WebSphere Application Server tmnDNzí ≈mAPw
Tivoli Identity Manager °A ≈m@CpAYOzNNz]ww
bΣ Tivoli Identity Manager °Awb d:\ITIM_HOME O¿WAh
≤ d:\ITIM_HOME\cert ²WCWebSphere Application Server tm]
ⁿw d:\ITIM_HOME\cert ²C
5. pGw]yÑúO σAbw@ Tivoli Identity Manager NzíºeA
²∩oMⁿ Tivoli Identity Manager NzíyÑM≤ CDCⁿ
OµíAb Tivoli Identity Manager °AwNzíyÑM≤G
java -jar itimlp_agents_setup.jar
oNiH Tivoli Identity Manager yÑM≤wíFCpGn¿yÑM
≤w@AϕwíeπUCⁿC
: n⌡µ Tivoli Identity Manager yÑM≤wíAα≈qⁿOµs Java
Runtime Environment 1.3.1C
sWúO¿
NísWúO¿C
HsqúXRO
pGnb Tivoli Identity Manager O[JsO¿A⌡µUC@G
: oBJOQºeúb WebSphere Cell ϕñqúAXROCoNO⌠¡
O@dC
1. WebSphere Application Server zDxAsO¿CpGnΣL
ΩTA\ 99yNI[J Cell ϕñzC
2. WebSphere Application Server zDxAbIW[JsO¿CpG
nΣLΩTA\ 99yOzC
3. bsqúW⌡µ Tivoli Identity Manager wA∩O¿wC
4. ≤s Web °AíCYno≥As WebSphere Application Server
zDxAMß÷@U⌠ -> ≤s Web °Aí -> TwC
5. WebSphere Application Server zDxAsO¿C
HP@íqúXRO
z]iHQO¿P@íqúA[JΣLO¿AXRO
C
⌡µUC@G
1. bO¿bqú WebSphere Application Server zDxWAs
O¿C
: oNO½O@dC
2. ≤s Web °AíCYno≥As WebSphere Application Server
zDxAMß÷@U⌠ -> ≤s Web °Aí -> TwC
84 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
3. WebSphere Application Server zDxAsO¿C
úO¿
pGnΓqúW@O¿úA⌡µUC@G
v pGqúWu@O¿A⌡µUC@G
1. ⌡µ Tivoli Identity Manager úwíCpGnΣLΩTA\
127² G, yúw Tivoli Identity ManagerzC
2. b WebSphere Application Server zDxWAqORúO¿C
3. ≤s Web °AíCYno≥As WebSphere Application Server
zDxAMß÷@U⌠ -> ≤s Web °Aí -> TwC
v pGqúWnXO¿]½OA⌡µUC@G
1. b WebSphere Application Server zDxWAqORúO¿C
2. ≤s Web °AíCYno≥As WebSphere Application Server
zDxAMß÷@U⌠ -> ≤s Web °Aí -> TwC
6 OwGTivoli Identity Manager °A 85
² A. HMM≤úwM
HUUú Tivoli Identity ManagerG
v ⁿ Tivoli Identity Manager 4.5.0 Σ¡xíM≤Cp
ooM≤÷ΩTA\ yo 4.5.1 M≤zC
v Tivoli Identity Manager 4.5.1 Σs¡xº (CD)C
p CD eA\H CD Mú ITIM-4.5.1-CD-IMAGES.txt C
v ]t²e Tivoli Identity Manager 4.5.0 í CDC
pⁿΣ¡xΣí÷ΩTA\IBM Tivoli Identity Manager
NC
WebSphere í PQ77521 úb CD 4.5.1 wMW
ú CD Tivoli Identity Manager 4.5.1 wMW3úí
PQ77521C[ Messaging Interim Fix for WebSphere Application Server 5.0.2
H≤ WebSphere Embedded Messaging Σ MQJMS2013 XA C
Tº@µpUG
[8/6/03 13:30:54:484 EDT] f341ce J2CXAResource W J2CA0061W: Error creatingXA Connection and Resource javax.resource.spi.ResourceAdapterInternalException:createQueueConnection failed atcom.ibm.ejs.jms.JMSCMUtils.mapToResourceException(JMSCMUtils.java:123)
±ΦíApG WebSphere Application Server bu@y⌡µ εANiαoo
C3¿µ÷OLk A²pGzMíANiH ΩC
nooíAΘJUo@µAso⌠G
http://www.ibm.com/support/docview.wss?uid=swg24005451
o 4.5.1 M≤
bUC⌠Woⁿ Tivoli Identity Manager 4.5.0 Σ¡xº Tivoli Identity
Manager 4.5.1 M≤G
http://www-1.ibm.com/support/dlsearch.wss?rs=644&q;=&tc;=SSTFWV&dc;=D420&loc;=en_US&cs;=utf-8⟨=en&sort;=desc&rankfile;=8&p;=1
pAM≤WⁿUíG
4.5.1-TIM-platform-WAS-0001.zip
Σñ platform O@O AIX C
⌡µUC@G
1. s IBM Online Software Σ⌠C
a. bUC⌠Wn²zH IBM uW IDG
http://www.ibm.com/software/support/
© Copyright IBM Corp. 2004 87
|
|
|
|
|
|
||
|
|
|
|
|
|
|
b. ÷@UíAHo¿u≤s@Xv∩ºq÷ΩTC
c. b IBM Online nO@Xñúz ßX]) IBM Passport
Advantage Software Maintenance Agreement ⁿwC
4.5.0
Tivoli Identity Manager °A 4.5.0 úUC (CD)CpG3NCX CD
Ap IBM ΣñC
yÑM≤ CDUϕNCXyÑM≤ CD eC
ϕ 5. yÑM≤ CD e
ú W
yÑM≤ itimlp_setup.jar, itimlp_agents_setup.jar
Tivoli Identity Manager ≥íX Solaris CD] WebSphereApplication Server
UϕNCX Tivoli Identity Manager ≥íX Solaris CD] WebSphere
Application ServereG
ϕ 6. Tivoli Identity Manager ≥íX Solaris CD] WebSphere Application Servere
ú W
Tivoli Identity Manager 4.5 ]WebSphere
Application Server
instSOL-WAS.bin
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
Tivoli Identity Manager ≥íX Solaris CD]D IBM í°A
UϕNCX Tivoli Identity Manager ≥íX Solaris CD]D IBM
í°A(WebLogic) eG
ϕ 7. Tivoli Identity Manager ≥íX Solaris CD] WebLogice
ú W
Tivoli Identity Manager 4.5 ]WebLogic instSOL-WL.bin
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
R Solaris CD 1UϕNCXR Solaris CD 1 eG
ϕ 8. R Solaris CD 1 e
ú W
WebSphere Application Server Base 5.0
M≤ 2
was50_fp2_solaris.zip
88 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
ϕ 8. R Solaris CD 1 e (≥)
ú W
WebSphere Appl icat ion Server Network
Deployment 5.0 M≤ 2
was50_nd_fp2_solaris.zip
WebSphere Application Server Base 5.0.2
í (APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server Network Deployment 5.0.2
í (APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP s
í (APAR PQ77263)
PQ77263.zip
R Solaris CD 2UϕNCXR Solaris CD 2 eG
ϕ 9. R Solaris CD 2 e
ú W
IBM Directory Server 5.1 ids510-solaris-ismp-us.tar
IBM Directory Server 5.1 M≤ 1 FP510S-01.tar.Z
IBM Directory Server πí DelRef/aix/libdelref.a
DelRef/hpux/libdelref.sl
DelRef/nt/libdelref.dll
DelRef/sun/libdelref.so
Tivoli Identity Manager 4.5 tm DelRef/timdelref.conf
R Solaris CD 3UϕNCXR Solaris CD 3 eG
ϕ 10. R Solaris CD 3 e
ú W
IBM DB2 8.1 M≤ 2]32 M 64 Sol-FP2_U486567.tar.Z
R Solaris CD 4UϕNCXR Solaris CD 4 eG
ϕ 11. R Solaris CD 4 e
ú W
Oracle Type 4 JDBC Xí classes12.zip
Oracle Type 4 JDBC Xív LI_en
Tivoli Identity Manager ≥íX AIX CD] WebSphereApplication Server
UϕNCX Tivoli Identity Manager ≥íX AIX CD] WebSphere
Application ServereG
² A. HMM≤úwM 89
ϕ 12. Tivoli Identity Manager ≥íX AIX CD] WebSphere Application Servere
ú W
Tivoli Identity Manager 4.5 ] WebSphere
Application Server
instAIX-WAS.bin
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
Tivoli Identity Manager ≥íX AIX CD]D IBM í°A
UϕNCX Tivoli Identity Manager ≥íX AIX CD]D IBM í
°A(WebLogic) eG
ϕ 13. Tivoli Identity Manager ≥íX AIX CD] WebLogice
ú W
Tivoli Identity Manager 4.5 ]WebLogic instAIX-WL.bin
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
R AIX CD 1
: )≤jp¡εA]R CD WSú AIX M≤ 2 (IBM DB2)C
pGno AIX M≤ 2 (IBM DB2)AsUo FTP ⌠G
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aix5v8/fixpak/FP2_U486566/
sUo⌠G
http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/v8fphist.d2w/report#AIX5
UϕNCXR AIX CD 1 eG
ϕ 14. R AIX CD 1 e
ú W
WebSphere Application Server Base 5.0
M≤ 2
was50_fp2_aix.zip
WebSphere Appl icat ion Server Network
Deployment 5.0 M≤ 2
was50_nd_fp2_aix.zip
WebSphere Application Server Base 5.0.2
í (APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server Network Deployment 5.0.2
í (APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP s
í (APAR PQ77263)
PQ77263.zip
90 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
R AIX CD 2UϕNCXR AIX CD 2 eG
ϕ 15. R AIX CD 2 e
ú W
IBM Directory Server 5.1 ids510-aix-ismp-us.tar
IBM Directory Server 5.1 M≤ 1 FP510A-01.tar
IBM Directory Server πí DelRef/aix/libdelref.a
DelRef/hpux/libdelref.sl
DelRef/nt/libdelref.dll
DelRef/sun/libdelref.so
Tivoli Identity Manager 4.5 tm DelRef/timdelref.conf
R AIX CD 3UϕNCXR AIX CD 3 eG
ϕ 16. R AIX CD 3 e
ú W
Oracle Type 4 JDBC Xí classes12.zip
Oracle Type 4 JDBC Xív LI_en
Tivoli Identity Manager ≥íX HP-UX CD]D IBM í°A
UϕNCX Tivoli Identity Manager ≥íX HP-UX CD]D IBM í
°A(WebLogic) eG
ϕ 17. Tivoli Identity Manager ≥íX HP-UX CD] WebLogice
ú W
Tivoli Identity Manager 4.5 ] WebLogic instHPUX-WL.bin
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
Tivoli Identity Manager ≥íX Windows 2000 CD]
WebSphere Application ServerUϕNCX Tivoli Identity Manager ≥íX Windows 2000 CD]
WebSphere Application ServereG
ϕ 18. Tivoli Identity Manager ≥íX Windows 2000 CD] WebSphere ApplicationServere
ú W
Tivoli Identity Manager 4.5 ] WebSphere
Application Server
instW2K-WAS.exe
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
² A. HMM≤úwM 91
Tivoli Identity Manager ≥íX Windows 2000 CD]D IBM í
°A
UϕNCX Tivoli Identity Manager ≥íX Windows 2000 CD]D IBM
í°A(WebLogic) eG
ϕ 19. Tivoli Identity Manager ≥íX Windows 2000 CD] WebLogice
ú W
Tivoli Identity Manager 4.5 ]WebLogic instW2K-WL.exe
ReadMeFirst σ≤ Docs-ReadMeFirst.pdf
R Windows 2000 CD 1UϕNCXR Windows 2000 CD 1 eG
ϕ 20. R Windows 2000 CD 1 e
ú W
WebSphere Application Server Base 5.0
M≤ 2
was50_fp2_win.zip
WebSphere Appl icat ion Server Network
Deployment 5.0 M≤ 2
was50_nd_fp2_win.zip
WebSphere Application Server Base 5.0.2
í (APAR PQ75794)
PQ75794.zip
WebSphere Application Server Base M WebSphere
Application Server Network Deployment 5.0.2
í (APAR SOV62778)
ibmorb.jar
WebSphere Application Server JSP s
í (APAR PQ77263)
PQ77263.zip
R Windows 2000 CD 2UϕNCXR Windows 2000 CD 2 eG
ϕ 21. R Windows 2000 CD 2 e
ú W
IBM Directory Server 5.1 ids510-windows-us.zip
IBM Directory Server 5.1 M≤ 1 FP510W-01.zip
IBM Directory Server πí DelRef\aix\libdelref.a
DelRef\hpux\libdelref.sl
DelRef\nt\libdelref.dll
DelRef\sun\libdelref.so
Tivoli Identity Manager 4.5 tm DelRef\timdelref.conf
92 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
R Windows 2000 CD 3UϕNCXR Windows 2000 CD 3 eG
ϕ 22. R Windows 2000 CD 3 e
ú W
IBM DB2 8.1 M≤ 2 W2K-FP2.zip
R Windows 2000 CD 4UϕNCXR Windows 2000 CD 4 eG
ϕ 23. R Windows 2000 CD 4 e
ú W
Oracle Type 4 JDBC Xí classes12.zip
Oracle Type 4 JDBC Xív LI_en
² A. HMM≤úwM 93
² B. WebSphere ⌠
Nízbµ@°AOtmw Tivoli Identity Manager °AºeA
WebSphere Application Server ⌠@δBJCpGOOtmA NúwPt
m WebSphere Application Server Network Deployment M WebSphere Application Server
Base BJC
: pGnΣLΩTA\ WebSphere Application Server wσ≤C
w WebSphere Application Serverbw WebSphere Application Server ºeA²Tw¼≈i íAiHN
úYCpGnΣLΩTA\ IBM Tivoli Identity Manager N
C
WebSphere MQ 5.3
WebSphere Embedded Messaging °AMß]WebSphere Embedded Messaging Σ
O Tivoli Identity Manager n WebSphere 5.0 ≤CpGnQwo
WebSphere ≤Aú IBM MQSeries 5.2 ]pGªwgbqúWC
pGqúW WebSphere MQ 5.3 Abw WebSphere Embedded Messaging
ΣßM°AºeA²wUC WebSphere MQ ≤G
v π CSD03 ≤sí WebSphere MQ 5.3
v °AM Java T WebSphere MQ S
YnPwA⌡µ WebSphere MQ ú mqver -íC
pGnΣLΩTA\ WebSphere Application Server wσ≤C
τ≡ 9090 i
WebSphere Application Server tXΣzDx≡ 9090CpGtWwb
≡Ahz WebSphere zDx∩úPi≡CziHΘJUCⁿOA
≡ObñG
netstat -an
tm Tivoli Identity Manager O
OwMtmpUG
1. 96yw WebSphere Application Server Network Deploymentz
2. 97yw IBM HTTP Server M WebSphere Web °Aíz
3. 98yN Base wbC@IWz
4. 99yNI[J Cell ϕñz
5. 99yTO Network Deployment Manager MINzíb⌡µñz
© Copyright IBM Corp. 2004 95
|
ºßAz@hOAí≤ 59y Network Deployment Manager
OzC
w WebSphere Application Server Network Deployment
: pGoO@AWebSphere Application Server Network Deployment 5.0 Ni
HⁿJ Tivoli Identity Manager 4.4.x Dnn°AC
pGnw WebSphere Application Server Network DeploymentA⌡µUC@G
1. PqúO¼≈OΘMi íC
2. ²onM≤ APAR]pGCpGnΣLΩTA
\ IBM Tivoli Identity Manager NC
3. ⁿlú CDC÷ú CD ΣeΩTA\ 87² A,
yHMM≤úwMzC
4. ΘJUCⁿOA WebSphere Application Server Network Deployment wíG
drive:\nt\LaunchPad.bat .\nt
5. bl∩ñA ⁿvDC
wídnΘC±ΦíAªiαoíApAπΘ
σrr¼C\ WebSphere Application Server Network Deployment
úσ≤ApG⌠≤zo½níAN[HC
: bdnΘAwíºew WebSphere Application Server
Network Deployment ABπ@αM@s∩CpGzµ²Γ
WebSphere Application Server Network Deployment PsbA∩
FPsb∩s ≡AMßq@s∩∩≡Cbw
FAz≤≤ W A S _ N D M _ H O M E \ p r o p e r t i e s U
wsadmin.properties ñ SOAP suº≡Xs≡C
6. ÷U@BC
oeX@∩A²z∩ Network Deployment \αC
7. ⁿw]AMß÷U@BC
oeX@∩ACXUCΩTGwa²Bπh,
íHeh,iíC
8. ⁿ∩w]²ATw¼≈ íiHiµwAMß÷U@BC
oeX@∩AnDzΘJIWBD≈WM Cell WC
9. ⁿw]AΘJnDµCpG
IW
ziH ⁿw]rΩAú@NqrΩO IC
pGhostname
D≈W IP
ziHΘJqúπD≈W IP C
Cell W
ziHΘJO Cell C±ΦíAΘJG
ITIM_CELL_A1
96 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
10. ½÷U@BA²UC∩G
v wKn
v wi
v ún²
v ¿
v ¿
11. unBJv∩Aªúz°AAH⌡µwτCz
iHbUo⌠szDxG
http://networkdeploymenthost:9090/admin
Σñ networkdeploymenthost Oⁿzw WebSphere Application Server Network
Deployment ºqúπD≈WC
: pGΓ WebSphere Application Server Network Deployment PsbA
Γw]≡½¿zbwtm≡C
12. w Fix Pack APARC
: bwM≤ APAR ºeA² ε WebSphere Application Server
Network Deployment tCpGnΣLΩTA\ IBM Tivoli Identity
Manager NC
w IBM HTTP Server M WebSphere Web °Aí
pGnw IBM HTTP Server M WebSphere Web Server íA⌡µUC@G
1. ⁿlú CDC÷ú CD ΣeΩTA\ 87² A,
yHMM≤úwMzC
2. WebSphere Application Server Base úw@C
3. ²UCw∩A ⁿw]C
4. pGw∩úUC∩A÷@U∩ ⁿ½stmG
Reconfigure the product to coexist with other versions of itself
5. ²u@thdvAH²ΣLdnΘ∩C
6. ϕeXto∩∩A∩qC
7. ÷U@BC
oeX@\α∩∩C
8. b\α∩∩WAu∩UCG
v IBM HTTP Server
v Web Server í]w∩ IBM HTTP Server
9. ÷U@BC
oeX@∩Aπw]²AHiMní
C
: pGow[c0ΓPe@w[cPsbAhw]w²iH≤ IBM HTTP Server 5.0A]ªP IBM HTTP Server 4.0 wt
w]²úPC
² B. WebSphere ⌠ 97
|
|
|
10. ⁿw]²A∩A∩qúi íC÷U@
BC
oeX@∩ACXznw\αΣmC
11. ½÷U@BA²ß≥tUC∩G
v i°i
v ún²
v ¿
12. oMwn WebSphere Application Server Base M≤AΣñ]t IBM
HTTP Server íCpGnΣLΩTA\ IBM Tivoli Identity
Manager NC
ú WebSphere Web °Aítm
ú WebSphere Web Server ítmCbwíºeA² ε
IBM HTTP ServerC⌡µUC@G
1. nJ Network Deployment Manager zDxC
2. qDx¬íµñA÷@U⌠ -> ≤s Web °Aí -> TwA≤s
Web °AíCoNb NDM_HOME\config\cells ñú Web °A
ítm plugin-cfg.xmlC
3. ϕí≤sªºßA÷@UxsAΓztmxsDnxswC
: xstmA∩uN≤PIPB.vC
4. pG IBM HTTP Server wb Network Deployment Manager qúWA
τ http_server_installdir\conf\httpd.conf tmñtUo@µC
: pG IBM HTTP Server M Network Deployment Manager OwbúPqú
WANú⌡µoBJC
WebSpherePluginConfig drive:"\Program Files\WebSphere\DeploymentManager\config\cells\plugin-cfg.xml"
N Base wbC@IW
ziHw WebSphere Application Server BaseAb¡ Cell ¿C@IWA
½UCBJG
1. WebSphere Application Server Base wíC
2. ²∩AX@∩Cznw\αεC
:
a. bdnΘAwíºew WebSphere Application Server
Base ABπ@αM@s∩CpGzµ²Γ
WebSphere Application Server Base PsbA∩FPsb
∩s ≡AMßq@s∩∩≡Cbw⌠Az≤≤
WAS_HOME\AppServer\properties U wsadmin.properties ñ SOAP su
º≡Xs≡C
b. FúαAε Web Dx@o⌠≤DAzúnwd
íBíXPípuπH WebSphere Application Server t Ant
-íC
3. ÷U@BC
98 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
oeX@∩ACXznw\αCqMµñ∩zn
\αC
4. ½÷U@BA²ß≥tUC∩G
v i°i
v ún²
v ¿
5. wM≤CpGnΣLΩTA\ IBM Tivoli Identity Manager
NC
6. ⌡µUC@A²sIJ Cell ϕñG
a. 1½ WebSphere bin l²C
b. HUCⁿO°AG
startServer server1
NI[J Cell ϕñ
blºeA² WebSphere Application Server (server1) bzn[J Cell ñ
IW⌡µC
ziHb Network Deployment Manager zDxW⌡µUC@ANI[J Cell
ϕñG
1. ÷@Utz -> CellC
2. U@∩A÷@UutmvIC
3. b XuIv∩ϕñA÷@UsWICⁿwID≈WM≡A
Mß÷@UTwC
oeX@i∩A°iosWI@C
z]iH⌡µ addNode.bat ScriptAΓI[J Cell ϕñAMßA⌡µ startNode.bat
ScriptC±ΦíAbzn[JIqúWΘJUCⁿOG
drive:"\Program Files\WebSphere\AppServer\bin\addNode.bat serverNodeName 8879"drive:"\Program Files\WebSphere\AppServer\bin\startNode.bat"
O
ziHb Network Deployment Manager zDxW⌡µUC@OG
1. ÷@U°A -> OC
2. bß≥X∩ñA÷@UsC
3. ΘJOWA∩Aϕ°AAMß÷U@BC
4. ±gusO°Av∩Aⁿw@O¿AMß÷@UMCpGnt
ⁿwΣLO¿A½oⁿw@C¿MµºßA÷U@BC
5. dO¿KnATwO¿MµTCMßA÷@U¿C
6. ∩uN≤PIPB.vAMßNtmxsDnxswC
TO Network Deployment Manager MINzíb⌡µñ
FTO Network Deployment Manager M WebSphere Application Server I
Nzíb⌡µñA⌡µUC@G
² B. WebSphere ⌠ 99
|
1. ΘJUCⁿOAbw Network Deployment Manager qúWszDxG
http://NDM_host:9090/admin
pGnP Network Deployment Manager ¼AAiHbw Network Deployment
Manager qúW⌡µUC@G
drive:"\Program Files\WebSphere\DeploymentManager\bin\serverStatus.bat"
pGnP JMS °ABí°AMINzí¼AAiHbw
WebSphere Application Server Base qúW⌡µUC@G
drive:"\Program Files\WebSphere\AppServer\bin\serverStatus.bat"
2. oBJO]ww Tivoli Identity ManagerCPOTwqMⁿwC@
I JDBC Xí⌠⌠M ITIM_HOMECb Network Deployment
Manager zDxA÷@U⌠ -> z WebSphere C±ΦíAd
MµA ITIM_HOME OTC
3. C@O¿INzíBJMS °AMí°ACpA÷@
U°A -> °AC÷@UΣñ@°A]p server1∩AM
ßA÷@UC
4. bINzíºßAYnTw INzíOb⌡µñA÷@Ut
z -> INzíCoe@°íACXINzíΣ¼AC
5. oBJO]ww Tivoli Identity ManagerCbs²ΘJ⌡µ IBM HTTP Server
qú⌠G±ΦíAΘJG
http://myhost.mylab.mycity.mycompany.com/enrole
oXuTivoli Identity Manager nJveCnJ Tivoli Identity Manager
íC
tm WebSphere Application Server µ÷A]w
w] WebSphere Application Server µ÷A]w*CALkBzjí
u@qC]Az∩oµ÷A]wAHKµ÷OípoC
w] WebSphere Application Server µ÷A]wpUG
v µ÷R¡O = 120
v ßú@O = 60
z,nΓoΓOú¬ 1200 M 600CpGz0Γiµjq@Aiα
n]o≤¬CziHQ WebSphere Application Server zDx∩oΓC
UCNíp≤≤µ÷A]wCpGznΩ@ Tivoli Identity Manager O
tmAbOC@¿½⌡µoC
1. nJ WebSphere Application ServerA WebSphere Application Server zD
xC
2. ∩°A -> í°AADx¬Σ≡¼cñΣAMß∩
z°AWC
3. buΣLevqñA∩µ÷AC
4. tXzwu@qA∩uµ÷R¡OvMußú@
Ov]wC
100 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
² C. w q
NíziHB⌡µ Tivoli Identity Manager ⌠úwCΣDD
pUG
v yJ2EE wz
v 109ytm HTTP °AΣLΦkz
J2EE w
pG J2EE wAªTOgLOAπn\iviHs Tivoli
Identity Manager Enterprise Java Bean (EJB) ≤Ctmow≤@A]AF
tmO≈εMn²bCΓBJhn°íp@O≤µItmOh
ItmwC
ΣBJpUG
1. bw Tivoli Identity Manager ºeA²HΓΦítmO≈εMn²C
2. bw Tivoli Identity Manager Aⁿww ID MKXC
3. bwºßAHΓΦíNz∩M Tivoli Identity Manager ñΓC
tmµIípw
Níp≤HΓΦíAw∩µIíptm J2EE wC
bw Tivoli Identity Manager ºeAw∩µIípΓBJ
pGntm J2EE w≤Abw Tivoli Identity Manager ºe⌡µUC@G
ⁿwz: ⌡µUC@ⁿwzG
1. b@tn²ñA∩@zCb UdϕñA
o@utv wasadminC
2. b@tn²ñA∩t@zCb Udϕ
ñAo@uEJB v itimadminC
ⁿwO≈εMn²: nⁿwO≈εMn²A⌡µUC@G
1. WebSphere z°ABnJDxC
2. ÷@Uw -> s wC
3. ∩UC∩G
v @ñO≈εGSWAM]í WebSphere O≈ε
v @ñn²G OS
4. xstm≤C
tm OS n²: ntm OS n²A⌡µUC@G
1. ÷@Uw -> n²-> OSC
2. ΘJt ID (wasadmin) MKXC
3. xstm≤C
© Copyright IBM Corp. 2004 103
w: wC⌡µUC@G
1. ÷@Uw -> s wC
2. ÷@UwC
3. pGzn Java 2 wA∩a÷@Ujε Java 2 wCun∩o
∩AíúΣ Java 2 wC
4. xstm≤C
bµIípw: pGnbµIípwA½s WebSphere z
°ACz°AAiαⁿw WebSphere z ID MKXCpG
WAS_HOME\bin\stopServer server1 [-username wasadmin -password wasadminpassword]WAS_HOME\bin\startServer server1 [-username wasadmin -password wasadminpassword]
µIípbw Tivoli Identity Manager ºßΓBJ
pGn¿ J2EE w≤tmAbw Tivoli Identity Manager ºß⌡µUC
@G
Nz∩M Tivoli Identity Manager ñΓ: pGnNz∩M Tivoli
Identity Manager ñΓA⌡µUC@G
1. b WebSphere Application Server zDxWA÷@Uí -> °
íC
2. ÷@U enRoleC
3. UAbuΣLev÷@UNwñΓ∩M/sC
4. ∩ ITIM_SYSTEM ∩C
5. ÷@Ud\C
6. ÷@UjMC
7. qMµñ∩ EJB (itimadmin)C
8. Mß÷@UTwC
9. dUún∩uC@HvuwOHv∩C
: Fε3gvsµA o∩C
10. xstm≤C
tm was.policy : Tw was.policy sb≤IUz²UG
WAS_HOME\config\cells\<cellname>\applications\enRole.ear\deployements\enrole\META-INF
oh∩ Tivoli Identity Manager 3ª⌡µ\ivC÷Mohú
∩ Tivoli Identity Manager IH⌠≤¡εA²O Java 2 wAOiHb
WebSphere zΣLí⌡µwO@CpGoúsbAqú CD
MΣMs Abⁿw²U C
ejpUG
grant codeBase "file:;$application" permission java.security.AllPermission;;
HtM EJB ≤s Tivoli Identity Manager tm: pGz≤∩Ft
M EJB AhHstM EJB A≤s Tivoli
Identity Manager tmC⌡µUC@G
104 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
1. uttmvíCΦkOΘJUzⁿOG
ITIM_HOME\bin\runConfig
2. ∩uwvC
oeuwv°íC
3. Hzb OS n²ñ wasadmin IDA≤sutvµ
ΣKXC
4. Hzb OS n²ñ itimadmin IDA≤suEJB vµ
ΣKXC
5. Mß÷@UTwC
bµIíp½s Tivoli Identity Manager: pGnbµIípwA
beXú½s Tivoli Identity Manager BnJC±ΦíApGn½s
Tivoli Identity ManagerAΘJUCⁿOG
ITIM_HOME\bin\itim stop wasadmin wasadminpasswordITIM_HOME\bin\itim start wasadmin wasadminpassword
]ww]O Oíj: pGtúb@ñwF@wíAwONCw]O 120 A²pGn Tivoli Identity ManagerAoqíiαú
šC
: bYtWAΩOíjiα±ⁿwíj≤uCOiᲬznJC]oOA½ Network Deployment ManagerBOM
INzíC
FTOOí≈jA¼HKoNOA⌡µUC@G
1. s WebSphere Application Server zDxC
2. ÷@Uw -> τ -> LTPA -> OC
3. ΓOííjA]j≤z⌠wtD@íjW¡C
44. uwv°í
² C. wq 105
tmhIípw
Níp≤HΓΦíAhIíptm J2EE wC
hIípbw Tivoli Identity Manager ºeΓBJ
pGntm J2EE w≤Abw Tivoli Identity Manager ºe⌡µUC@G
hIw]w LDAP: pGnhIw]w LDAPA⌡µUC@G
1. ²°AzuπAµ ou=wasSecurity,dc=comAΣñ com O
ⁿQrC
2. H½≤ cn=wasadmin,ou=wasSecurity,dc=comCbodϕñA
WebSphere Application Server zOⁿwutv(wasadmin)C
]wUCµG
v sn=wasadmin
v uid=wasadmin
v userPassword=wasadminpassword
3. AH½≤ cn=itimadmin,ou=wasSecurity,dc=comCbodϕ
ñATivoli Identity Manager zOⁿw EJB (itimadmin)C]w
UCµG
v sn=itimadmin
v uid=itimadmin
v userPassword=itimadminpassword
]wO≈εMn²: pGn]wO≈εMn²A⌡µUC@G
1. WebSphere z°AABnJDxC
2. ÷@Uw -> s wC
3. ∩UC∩G
v @ñO≈εGLTPA]p¼²≈c
v @ñn²GLDAP
4. xstm≤C
tmO≈ε: pGntmO≈εA⌡µUC@G
1. ÷@Uw -> τ≈ε -> LTPAC
2. MT LTPA O≈εKXC
3. xstm≤C
tm LDAP n²: pGntm LDAP n²A⌡µUC@G
1. ÷@Uw -> n²-> LDAPC
2. ∩UC∩G
v °A ID = wasadmin
v °AKX = wasadminpassword
v ¼ = directoryservertype
Σñ directoryservertype Oⁿ²°AAp IBM_Directory_ServerC
v D≈ = ITIM LDAP server hostname
106 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
v ≥OW (DN)Gou=wasSecurity,dc=com
v sOW (DN)GΘJsOWAp cn=rootC
v sKXGΘJsOWKXC
v újpgG∩o∩
3. xstm≤C
w: nwA⌡µUC@G
1. ÷@Uw -> s wC
2. ÷@UwC
3. pGzn Java 2 wA∩a÷@Ujε Java 2 wCun∩o
∩AíúΣ Java 2 wC
4. xstm≤C
bhI⌠w: pGnwA⌡µUC@G
1. bπ Network Deployment Manager qúWΘJG
WAS_NDM_HOME\bin\stopManager [-username wasadmin -password wasadminpassword]WAS_NDM_HOME\bin\startManager [-username wasadmin -password wasadminpassword]
2. bΣLπINzíqúWΘJG
WAS_HOME\bin\stopNode [-username wasadmin -password wasadminpassword]WAS_HOME\bin\startNode [-username wasadmin -password wasadminpassword]
3. ½sOC⌡µUC@G
a. H wasadmin ID MKXAbDxnJ WebSphere z°AC
b. ÷@U°A -> OC
c. ∩ OC
d. ÷@UεAMßA÷@UC
4. ½s JMS °AC⌡µUC@G
a. nJ WebSphere z°AC
b. ÷@U°A -> JMS °AC
c. ∩ °AC
d. ÷@UεAMßA÷@UC
hIípbw Tivoli Identity Manager ºßΓBJ
pGn¿ J2EE w≤tmAbw Tivoli Identity Manager ºß⌡µUC
@G
Nz∩M Tivoli Identity Manager ñΓ: pGnNz∩M Tivoli
Identity Manager ñΓA⌡µUC@G
1. b WebSphere Application Server zDxWA÷@Uí -> °
íC
2. ÷@U enRoleC
3. UAbuΣLev÷@UNwñΓ∩M/sC
4. ∩ ITIM_SYSTEM ∩C
5. ÷@Ud\C
6. ÷@UjMC
² C. wq 107
7. qMµñ∩ EJB (itimadmin)C
8. Mß÷@UTwC
9. dUún∩uC@HvuwOHv∩C
: Fε3gvsµA o∩C
10. xstm≤C
tm was.policy : Tw was.policy sb≤ Network Deployment Manager
IUz²UG
WAS_NDM_HOME\config\cells\<cellname>\applications\enRole.ear\deployements\enrole\META-INF
oh∩ Tivoli Identity Manager 3ª⌡µ\ivC÷Mohú
∩ Tivoli Identity Manager IH⌠≤¡εA²O Java 2 wAOiHb
WebSphere zΣLí⌡µwO@CpGoúsbAqú CD
MΣMs Abⁿw²U C
ejpUG
grant codeBase "file:;$application" permission java.security.AllPermission;;
ziHN WebSphere Application Server Network Deployment tmP Cell ñIP
B.C½s Tivoli Identity Manager OC
bhI⌠½s Tivoli Identity Manager: pGn½s Tivoli Identity
ManagerA⌡µUC@G
1. ÷@U°A -> OC
2. ∩OW∩C
3. ÷@UεCÑO εºßAA÷@UC
]ww]O Oíj: pGtúb@ñwF@wíAwONCw]O 120 A²pGn Tivoli Identity ManagerAoqíiαú
šC
: bYtWAΩOíjiα±ⁿwíj≤uCOiᲬznJC]oOA½ Network Deployment ManagerBOM
INzíC
FTOOí≈jA¼HKoNOA⌡µUC@G
1. s WebSphere Application Server zDxC
2. ÷@Uw -> τ -> LTPA -> OC
3. ΓOííjA]j≤z⌠wtD@íjW¡C
J2EE w
pGn WebSphere zDx J2EE wA⌡µUC@G
1. ÷@Uw -> s wC
2. ú∩] wM Java wC
3. εMßAINzíBJMS °AMí°AC
108 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
tm HTTP °AΣLΦk
pGnúBwO@Ab Tivoli Identity Manager wºßAtm IBM
HTTP Server HTTP °AA²ª≤ Cell íqúWCo]Aw Web
°ABq Network Deployment Manager sMtm Web °AAb°A
ⁿJMtm WebSphere C
UO Solaris ¡xW IBM HTTP Server Apache dCtXz¡x∩
UCBJG
1. bíqúWwMtm HTTP °AC
2. b http_server_dir/conf ²UA@s WebSphere ²C
3 . ΓUCq N e t w o r k D e p l o y m e n t M a n a g e r qús
http_server_dir/conf/WebSphere ²G
v was_deployment_mgr/bin/mod_ibm_app_server_http.so
v was_deployment_mgr/config/cells/plugin-cfg.xml
v was_deployment_mgr/etc/plugin-key.kdb
v was_deployment_mgr/etc/plugin-key.sth
4. b Cell íqúWAHσrsΦ plugin-cfg.xml ABiµUC∩G
v Γ w a s _ d e p l o y m e n t _ m g r / e t c / ²C@ΩA∩
h t t p _ s e r v e r / c o n f / W e b S p h e r e ²C]NOíAΓ r e p l a c e
/ o p t / W e b S p h e r e / D e p l o y m e n t M a n a g e r / e t c ½¿
/opt/IBMHttpServer/conf/WebSphereC
45. W[wO@]w HTTP °Atm
² C. wq 109
v Γ http_plugin.log ²A∩ http_server/logsC]NOíAΓ
/ o p t / W e b S p h e r e / A p p S e r v e r / l o g s / h t t p _ p l u g i n . l o g ½¿
/opt/IBMHttpServer/logs/http_plugin.logC
5. HσrsΦ http_server_home/conf/httpd.conf ²Ab [WU
XµG
# WebSphere plugin settingsLoadModule ibm_app_server_http_module http_server/conf/WebSphere/mod_ibm_app_server_http.soWebSpherePluginConfig http_server/conf/WebSphere/plugin-cfg.xml
±ΦíAΘJUo@µG
# WebSphere plugin settingsLoadModule ibm_app_server_http_module /opt/IBMHttpServer/conf/WebSphere/mod_ibm_app_server_http.soWebSpherePluginConfig /opt/IBMHttpServer/conf/WebSphere /plugin-cfg.xml
: N WebSphere Application Server M≤ 2 ]wbw WebSphere
Web Server íqúWC
110 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
² D. q Tivoli Identity Manager 4.3 Tivoli IdentityManager 4.5 ß 4.5.1 C
Níp≤N²eΩM⌡Aq WebLogic Tivoli Identity Manager 4.3
A WebSphere Application Server Tivoli Identity Manager 4.5 C
Yn¿αA WebLogic Tivoli Identity Manager 4.3 wN²
WebLogic Tivoli Identity Manager 4.5 Co Tivoli Identity
Manager 4.3 ΩwM LDAP ²A²ªP Tivoli Identity Manager 4.5 eC
¿l@ºßAs WebSphere Application Server Tivoli Identity
Manager 4.5 ANwbtwΩ¿AB[HtmC
b¿²e≤OwΩ¿ñtm Tivoli Identity Manager 4.5 BJº
ßAz Tivoli Identity Manager 4.5.1 wMAN Tivoli Identity Manager 4.5
4.5.1 CpGnΣLΩTA\ 123² F, yq Tivoli
Identity Manager 4.5 4.5.1 zC
lºe
bq Tivoli Identity Manager 4.3 Tivoli Identity Manager 4.5 ºeA⌡
µUC@G
1. tXs Tivoli Identity Manager DAN⌠≤≤ Tivoli Identity Manager
⌠nΘA[HMtmCΣñ]]AΩwM²°AC
2. b²°AAy Tivoli Identity Manager l≡ñAMΣ enrole
rΩ]újpgCpGt enrole rΩAorΩK∩¿ itimC
úF ITIM_HOME\data\enRoleUnchangedAttributes.properties CºA
ú⌡µo@C
biµºeA²N Tivoli Identity Manager 4.3 LDAP l≡eAX
LDIF CMßb LDIF jM enrole rΩCpGzotúb
≤A⌡µUC@G
a. bw Tivoli Identity Manager 4.5 A∩ LDAP ²∩ C
b. sΦ ITIM_HOME\data\enRoleUnchangedAttributes.properties A[Jo
WC
c. HΓΦíIs LDAP ²C
3. ²²°AB⌡µC
4. ≈µ Tivoli Identity Manager ΩTAΣñ]AeMtm]wCo
≤ ITIM_HOME\data ñC
5. bºeATw Tivoli Identity Manager GUI mñεCwMúAB½
soXw≤]pπúwRúCq Tivoli Identity Manager 4.3 O 4.4
Tivoli Identity Manager 4.5 ºßAúOdu@yCbºeAY
3Twu@ybómñAhϕ Tivoli Identity Manager ¬be@w
½soXm≤AiαPßXº¼pC
© Copyright IBM Corp. 2004 111
|
|
|
|
|
|
|
|
|
|
|
|
|
|
b⌡µºeAbPw Tivoli Identity Manager εCOºßAε Tivoli
Identity Manager]²Oún ε WebLogic ServerC
@tτ Tivoli Identity Manager u@yObómñΦkAOd
u@yεCñTº]]Au@yMu@ymCziH WebLogic
Admin Console dεCC
⌡µUC@G
v WebLogic Admin ConsoleC
v b≡¼cñz⌠C
v ÷@U⌠≡¼cñA -> JMS -> °A -> JMSServerC
v ÷@Ukíµñu°vC
v ÷@U°@ñ JMS aC
v ÷@UTºC
CXεCºuTºvúOsC
6. TwΩw°Awb⌡µñC
pGzO Oracle Tivoli Identity Manager ΩwAiHPMv
uenrolevbßnJ SQLPlusC@δÑA Oracle usystemviH
PoMvC
pAQUínJG
sqlplus system/password@itim_db_instance
P\ivuenroleviHu⌠≤vCΘJUzⁿOG
SQL> GRANT CREATE ANY PROCEDURE to enrole;
hXÑq@CΘJUzⁿOG
SQL> quit;
q WebLogic Tivoli Identity Manager 4.3 WebLogic TivoliIdentity Manager 4.5
NíΓ WebLogic Tivoli Identity Manager 4.3 A WebLogic
Tivoli Identity Manager 4.5 A⌡µBJCbw WebSphere
Application Server Tivoli Identity Manager 4.5 ºeA²⌡µo@C
1. Is Tivoli Identity Manager 4.5 WebLogic wíAiµw
δFAeXuzw BEA Weblogic Server 7.0 Hv∩εC
2. ÷@U C
oeXuzn≥wHv∩C
3. ÷@UOC
oeXuznbw Weblogic Server OHv∩C
4. ÷U@BA ⁿw] WebLogic Server ²C
oeXu∩wΩ¿v∩C
112 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
5. ΘJ Tivoli Identity Manager 4.3 l²C
oeXuznHv∩C
6. ÷@UOC
oeXuznbw LDAP ²Hv∩C
7. ÷@UOCoNiHl LDAP ²@C
: ziH∩ A∩bwºßA LDAP ²CwºßAIs bin ²
U ldapUpgrade -íC
≤s⌡ºßAeNXuwg¿Ωw⌡v∩C
8. ÷@UTwC
LDAP ªºßAeNXu²°A⌡MΩwgQFv∩
C
oANΓ WebLogic Tivoli Identity Manager 4.3AQ WebLogic
Tivoli Identity Manager 4.5 FC
WebSphere Application Server w Tivoli Identity Manager 4.5
Níp≤b WebLogic Tivoli Identity Manager 4.3 ⌠wqñA
w WebSphere Application Server Tivoli Identity Manager 4.5 C
1. Is Tivoli Identity Manager 4.5 WebSphere wíA÷iµwδ
FAeXu∩w²v∩εC
2. ∩@Ω¿AwPl Tivoli Identity Manager 4.3 w[cúP Tivoli
Identity Manager 4.5CpAitim45C
oeXu∩Ωw¼v∩C
3. ∩l Tivoli Identity Manager 4.3 w[cΩw¼C
4. ≥iµ@δwAXuIBM Tivoli Identity Manager Ωwtmv∩
C
5. ÷@U°C
oeXu²tmv∩C
6. ÷@U°C
oeXuttmuπv∩C
7. ∩u²vAΘJ²°AsuΩTC
8. ÷@UAτzΘJsuΩTTC
9. ∩uΩwvAΘJΩwsuΩTC
10. ÷@UAτzΘJsuΩTTC
11. ÷@Uul≤vA
ul≤v°íC
12. Nu¡z°A URLvµA∩z°AAMß÷@UMC
13. ÷@UTwA¿w@C
² D. q Tivoli Identity Manager 4.3 Tivoli Identity Manager 4.5 ß 4.5.1 C 113
|
|
|
|
|
oANΓ WebSphere Application Server Tivoli Identity Manager 4.5 w
ªFC
tmsw
NízΓ WebLogic Tivoli Identity Manager 4.3 α WebSphere
Application Server Tivoli Identity Manager 4.5 AiµtmBJCo
BJnÑzΓ WebLogic Tivoli Identity Manager 4.3 WebLogic
Tivoli Identity Manager 4.5 AB]wF WebSphere Application Server
Tivoli Identity Manager 4.5 ºß&⌡µC
1. Γ CustomLabels.properties q Tivoli Identity Manager 4.3 data lΩ¿A
s Tivoli Identity Manager 4.5 data lΩ¿C
2. Tivoli Identity Manager 4.3 enRole.properties xseA∩ Tivoli
Identity Manager 4.5 enRole.properties ñUCeG
v enrole.defaulttenant.id
v enrole.organization.name
q 4.5 4.5.1
b¿²e≤OwΩ¿ñtm Tivoli Identity Manager 4.5 BJº
ßA Tivoli Identity Manager 4.5.1 wMAN Tivoli Identity Manager 4.5
4.5.1 CpGnΣLΩTA\ 123² F, yq Tivoli
Identity Manager 4.5 4.5.1 zC
114 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
² E. q Tivoli Identity Manager 4.4.x Tivoli IdentityManager 4.5 ß 4.5.1 C
Níp≤q Tivoli Identity Manager 4.4.x Tivoli Identity Manager 4.5
MßA 4.5.1 CPNíp≤Nµ@°AMO Tivoli Identity
Manager tm[HC
Tivoli Identity Manager ¿UC@G
v NnΘCztXs Tivoli Identity Manager DAN⌠≤≤
Tivoli Identity Manager ⌠nΘA[HMtmCΣñ]]AΩ
wM²°AC
v Tivoli Identity Manager wíw Tivoli Identity Manager 4.5 CTivoli
Identity Manager wí]tXs Tivoli Identity ManagerANΩwϕµB
²°A⌡He[HC
v b¿²e Tivoli Identity Manager 4.5 BJºßA Tivoli Identity
Manager 4.5.1 wMAN Tivoli Identity Manager 4.5 4.5.1 C
pGnΣLΩTA\ 123² F, yq Tivoli Identity Manager 4.5
4.5.1 zC
:
1. úⁿA]znwMtm WebSphere Application Server 5.0
sw[cAOP WebSphere Application Server 4.0 PsbC
bΓ WebSphere Application Server w[c@s⌠UATO
WAS_HOME\properties\wsadmin.propertiesñ com.ibm.ws.scripting.port AP
server1 SOAP_CONNECTOR_ADDRESS U≡@:
WAS_HOME\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
pGΓú@AKLkQíp Tivoli Identity Manager Mtm Tivoli Identity
Manager/WebSphere Application ServerC
pGzúµOd WebSphere Application Server 4.0 w[cA²Q
WebSphere Application Server 4.0 úwíAHΓΦíNªúwC
2. pGzQn Tivoli Identity Manager 4.5 wíw WebSphere Application
Server 5.0 A²úwUCúG
v WebSphere Application Server 4.0
v IBM MQSeries
v IBM MQSeries ΣM≤ MA88
3. ºßA²efMΘxΩAPsΩNú@w÷FC
lºe
bq Tivoli Identity Manager 4.4.x Tivoli Identity Manager 4.5 ºeA
⌡µUC@G
© Copyright IBM Corp. 2004 115
|
|
|
|
|
|
|
|
|
|
|
|
1. ≈µ WebSphere Application Server tm]wAΣñ]A Tivoli Identity
Manager 4.4.x ]wbCoO≤ WAS_HOME\config UC
2. ≈µ Tivoli Identity Manager ΩTAΣñ]AeMtm]wCo
≤ ITIM_HOME\data ñC
3. ≈²°AC\Aϕúσ≤C
4. ≈ΩwC\Aϕúσ≤C
5. ²w⌠XWV Tivoli Identity Manager 4.5 ≥DCpG
nΣLΩTA\ IBM Tivoli Identity Manager NC
6. tX Tivoli Identity Manager 4.5 wDAN²°AMΩwnΘC
pGnΣLΩTA\ IBM Tivoli Identity Manager NC
7. TwΩw°Awb⌡µñC
pGzO Oracle Tivoli Identity Manager ΩwAiHPM
vuenrolevbßnJ SQLPlusC@δÑA Oracle usystemv
iHPoMvC
pAQUínJG
sqlplus system/password@itim_db_instance
P\ivuenroleviHu⌠≤vCΘJUzⁿOG
SQL> GRANT CREATE ANY PROCEDURE to enrole;
hXÑq@CΘJUzⁿOG
SQL> quit;
8. bºeATw Tivoli Identity Manager GUI mñεCwMúAB½
soXw≤]pπúwRúCq Tivoli Identity Manager 4.4
Tivoli Identity Manager 4.5 ºßAúOdu@yCbºeAY3Twu
@ybómñAhϕ Tivoli Identity Manager ¬be@w
½soXm≤AiαPßXº¼pC
b⌡µºeAbPw Tivoli Identity Manager εCOºßAε Tivoli
Identity Manager]²Oún ε WebSphereC
@tτ Tivoli Identity Manager u@yObómñΦkAOd
u@yεCñTº]]Au@yMu@ymC
WebSphere MQ ú@-í runmqsc.exe HΣεCdMzAΣ≤w]² WebsphereMQ_HOME\bin ñC runmqsc.exe ís Websphere εCzíA display ⁿOπεC¼AC
UCO Tivoli Identity Manager εCMµG
v itim_wfAu@yεC
v itim_wf_pendingAu@ymñεC
v itim_rsAAεC
v itim_msAl≤AεC
v itim_adhocSyncAq°iAεC
116 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pA] WebSphere MQ wípbIuAv°Auserver1vWCUCⁿO
s ípbIM°AW JMS zíG
runmqsc WAS_A_server1
UCⁿOπ Tivoli Identity Manager u@yεC¼AG
display qlocal(’WQ_itim_wf’)
búπeñACURDEPTH πεCñTºCpG itim_wf M
itim_wf_pending εCúOAh Tivoli Identity Manager u@yÑiα
ObómñCpG
AMQ8409GπεCΩCDESCR(WebSphere Application Server queue - do not delete)PROCESS( ) BOQNAME(SYSTEM.DEAD.LETTER.QUEUE)
.
.
.IPPROCS(10) OPPROCS(0)
CURDEPTH(0)
9. WebSphere Application Server ⌠C\ 95yw WebSphere
Application ServerzC
10. ÷¼O]pGC
Nµ@°Atm
Dnbí Tivoli Identity Manager µ@°AtmC¿UCA
o@@UCΓ@G
1. w WebSphere Application Server Base 5.0C÷íΩTA\
98yN Base wbC@IWzC⌠≤ Network Deployment Manager
OMΩTAúnBzC
2. N Tivoli Identity Manager 4.4.x 4.5 C÷íΩTA
\yN Tivoli Identity Manager 4.4.x 4.5 zC
N Tivoli Identity Manager 4.4.x 4.5
DnbíN Tivoli Identity Manager 4.4.x 4.5 C
1. Tivoli Identity Manager wíC
instW2K-WAS.exe
oeuw∩v°íC
2. ∩AϕyÑAMß÷@UTwC
oeuvXv°íC
3. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
oeu∩w¼v°íC
4. ∩µ@°AAMß÷U@BC
oeu∩w²v°íC
5. ÷@U∩....AMß∩ Tivoli Identity Manager 4.4.x l²C
6. ÷U@BC
² E. q Tivoli Identity Manager 4.4.x Tivoli Identity Manager 4.5 ß 4.5.1 C 117
|
|
|
|
|
|
|
|
|||||||||
|
|
|
oeXuznq 4.4 4.5 Hv∩C
7. ∩OC
oeXuT WebSphere mv∩C
8. T WebSphere l²mAMß÷U@BC
eWX WebSphere w∩C
9. PztWuWebSphere swvOb@ñCpGuWebSphere
swvA÷@Uw WebSphere wAhA∩w WebSpherewCpGz∩uw WebSphere wvAB÷U@BAeNXt@
°íAnDzⁿw WebSphere í°A ID MKXCpGn
ΣLΩTA\ 103² C, ywqzC
oeXuemwKnv∩C
10. ÷@UwC
oeXUCU∩G
v LDAP Q¿
v ΩwQ¿
v ttmuπ
11. ÷@UTwA¿w@C
:
1. D∩ºetmΩwM LDAP °AⁿΩTCpGLks oΩ
AiHuttmuπvA½stmotsueCpGnut
tmuπvΩT÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
2. pGzbwA¼÷≤ enrole.ear TºANϕ Network Deployment
Manager iαLks SOAP ≡CTw SOAP tm≡ANObw
WebSphere 5.0 tm≡C
bΓ WebSphere Application Server w[c@s⌠UATO
WAS_HOME\properties\wsadmin.propertiesñ com.ibm.ws.scripting.port AP
server1 SOAP_CONNECTOR_ADDRESS U≡@:
WAS_HOME\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
pGΓú@AKLkQíp Tivoli Identity Manager Mtm Tivoli Identity
Manager/WebSphere Application ServerC
NOtm
Dnbí Tivoli Identity Manager OtmCo@@UC
X@G
1. wMtmOtm WebSphere ≤G
a. w WebSphere Application Server Network DeploymentC֒
ΩTA\ 96 yw WebSphere Application Server Network
DeploymentzC
b. w IBM HTTP Server M Web í≤C÷íΩTA
\ 97yw IBM HTTP Server M WebSphere Web °AízC
118 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
c. N WebSphere Application Server Base 5.0 wbn°AC÷í
ΩTA\ 98yN Base wbC@IWzC
d. tmO⌠CΣL÷ΩTA\ 95ytm Tivoli Identity Manager
OzC
2. N Network Deployment Manager t Tivoli Identity Manager 4.4.x 4.5
C÷íΩTA\yN Network Deployment Manager t
Tivoli Identity Manager 4.4.x 4.5 zC
3. N¿It Tivoli Identity Manager 4.4.x 4.5 C÷í
ΩTA\ 120yN¿t Tivoli Identity Manager 4.4.x
4.5 zC
N Network Deployment Manager t Tivoli Identity Manager 4.4.x 4.5
Dnbíp≤bz Network Deployment Manager ttWAN Tivoli
Identity Manager 4.4.x 4.5 C
: WebSphere Application Server Network Deployment 5.0 iHⁿJ Tivoli Identity
Manager 4.4.x Dnn°AC
1. Network Deployment Manager qúW Tivoli Identity Manager wíG
instWIN-WAS.exe
oeuw∩v°íC
2. ∩AϕyÑAMß÷@UTwC
oeuvXv°íC
3. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
oeu∩w¼v°íC
4. ∩OAMß÷U@BC
oeu½nΩTv°íC
5. ÷U@BC
oeu∩w²v°íC
6. ÷@U∩....AMß∩ Tivoli Identity Manager 4.4.x l²C
7. ÷U@BC
oeXuznq 4.4 4.5 Hv∩C
8. ∩OC
oeu∩OI¼v°íC
9. I¼A∩ Network Deployment ManagerAMß÷U@BC
oeXuT WebSphere mv∩C
10. T WebSphere l²mAMß÷U@BC
eWXOW∩C
² E. q Tivoli Identity Manager 4.4.x Tivoli Identity Manager 4.5 ß 4.5.1 C 119
|
|
|
|
|
|
|
|
|
11. ΘJb Network Deployment Manager OWC
12. ÷U@BC
eWX WebSphere w∩C
13. PztWuWebSphere swvOb@ñCpGuWebSphere
swvA÷@Uw WebSphere wAhA∩w WebSpherewCpGz∩uw WebSphere wvAB÷U@BAeNXt@
°íAnDzⁿw WebSphere í°A ID MKXCpGn
ΣLΩTA\ 103² C, ywqzC
oeXuemwKnv∩C
14. ÷@UwC
oeXUCU∩G
v LDAP Q¿
v ΩwQ¿
v ttmuπ
: pGzbwA¼÷≤ enrole.ear TºANϕ Network
Deployment Manager iαLks SOAP ≡CTw SOAP tm≡A
NObw WebSphere 5.0 tm≡C
bΓ WebSphere Application Server w[c@s⌠UATO
WAS_HOME\properties\wsadmin.propertiesñ com.ibm.ws.scripting.port A
P server1 SOAP_CONNECTOR_ADDRESS U≡@:
WAS_HOME\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
pGΓú@AKLkQíp Tivoli Identity Manager Mtm Tivoli Identity
Manager/WebSphere Application ServerC
oeXuttmuπv∩C
15. ÷@UTwA¿w@C
: D∩ºetmΩwM LDAP °AⁿΩTCpGLks oΩ
AiHuttmuπvA½stmotsueCpGnut
tmuπvΩT÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
N¿t Tivoli Identity Manager 4.4.x 4.5
Dnbíp≤NO¿tW Tivoli Identity Manager 4.4.x 4.5
C
: WebSphere Application Server Network Deployment 5.0 iHⁿJ Tivoli Identity
Manager 4.4.x Dnn°AC
1. ¿I≈W Tivoli Identity Manager wíG
instW2K-WAS.exe
oeuw∩v°íC
2. ∩AϕyÑAMß÷@UTwC
120 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
oeuvXv°íC
3. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
4. ÷U@BC
oeu∩w¼v°íC
5. ∩OAMß÷U@BC
oeu½nΩTv°íC
6. ÷U@BC
oeu∩w²v°íC
7. ÷@U∩....AMß∩ Tivoli Identity Manager 4.4.x l²C
8. ÷U@BC
oeXuznq 4.4 4.5 Hv∩C
9. ∩OC
oeu∩OI¼v°íC
10. I¼A∩O¿AMß÷U@BC
oeXuT WebSphere mv∩C
11. T WebSphere l²mAMß÷U@BC
eWXOW∩C
12. ΘJb Network Deployment Manager OWC
13. ÷U@BC
eWX WebSphere w∩C
14. PztWuWebSphere swvOb@ñCpGuWebSphere
swvA÷@Uw WebSphere wAhA∩w WebSpherewCpGz∩uw WebSphere wvAB÷U@BAeNXt@
°íAnDzⁿw WebSphere í°A ID MKXCpGn
ΣLΩTA\ 103² C, ywqzC
oeXuemwKnv∩C
15. ÷@UwC
: pGzbwA¼÷≤ enrole.ear TºANϕ Network
Deployment Manager iαLks SOAP ≡CTw SOAP tm≡A
NObw WebSphere 5.0 tm≡C
bΓ WebSphere Application Server w[c@s⌠UATO
WAS_HOME\properties\wsadmin.properties ñ com.ibm.ws.scripting.port A
P server1 SOAP_CONNECTOR_ADDRESS U≡@G
WAS_HOME\config\cells\<cell_name>\nodes\<node_name>\serverindex.xml
pGΓú@AKLkQíp Tivoli Identity Manager Mtm Tivoli Identity
Manager/WebSphere Application ServerC
² E. q Tivoli Identity Manager 4.4.x Tivoli Identity Manager 4.5 ß 4.5.1 C 121
|
oeXuttmuπv∩C
16. ÷@UTwA¿w@C
: D∩ºetmΩwM LDAP °AⁿΩTCpGLks oΩ
AiHuttmuπvA½stmotsueCpGnut
tmuπvΩT÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
q 4.5 4.5.1
b¿²etm Tivoli Identity Manager 4.5 BJºßA Tivoli Identity
Manager 4.5.1 wMAN Tivoli Identity Manager 4.5 4.5.1 Cp
GnΣLΩTA\ 123² F, yq Tivoli Identity Manager 4.5
4.5.1 zC
122 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
² F. q Tivoli Identity Manager 4.5 4.5.1
Níp≤q Tivoli Identity Manager 4.5 Tivoli Identity Manager 4.5.1
CPNíp≤Nµ@°AMO Tivoli Identity Manager tm[HC
: ßATivoli Identity Manager °A N≥²°AMΩwC
lºe
bq Tivoli Identity Manager 4.5 Tivoli Identity Manager 4.5.1 ºeA
⌡µUC@G
1. ≈µ WebSphere Application Server tm]wA]A Tivoli Identity
Manager 4.5 ]wCo≤ WAS_HOME\config ñC
2. ≈µ Tivoli Identity Manager ΩTAΣñ]AeMtm]wCo
≤ ITIM_HOME\data ñC
3. ≈²°AC\Aϕúσ≤C
4. ≈ΩwC\Aϕúσ≤C
5. bºeATw Tivoli Identity Manager u@ySw∩πB¡≈
BhIµ@b⌡µñA]S⌠≤ΣL@CbºeAY3T
wu@ybómñAhϕ Tivoli Identity Manager ¬be@w
½soXm≤AiαPßXº¼pC
b⌡µºeAbPw Tivoli Identity Manager εCOºßAε Tivoli
Identity Manager]²Oún ε WebSphereC
@tτ Tivoli Identity Manager u@yObómñΦkAOd
u@yεCñTº]]Au@yMu@ymC
WebSphere MQ ú@-í runmqsc.exe HΣεCdMzAΣ≤w]² WebsphereMQ_HOME\bin ñC runmqsc.exe ís Websphere εCzíA display ⁿOπεC¼AC
UCO Tivoli Identity Manager εCMµG
v itim_wfAu@yεC
v itim_wf_pendingAu@ymñεC
v itim_rsAAεC
v itim_msAl≤AεC
v itim_adhocSyncAq°iAεC
pA] WebSphere MQ wípbIuAv°Auserver1vWCUCⁿO
s ípbIM°AW JMS zíG
runmqsc WAS_A_server1
UCⁿOπ Tivoli Identity Manager u@yεC¼AG
display qlocal(’WQ_itim_wf’)
© Copyright IBM Corp. 2004 123
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
búπeñACURDEPTH πεCñTºCpG itim_wf M
itim_wf_pending εCúOAh Tivoli Identity Manager u@yÑiα
ObómñCpG
AMQ8409GπεCΩCDESCR(WebSphere Application Server queue - do not delete)PROCESS( ) BOQNAME(SYSTEM.DEAD.LETTER.QUEUE)
.
.
.IPPROCS(10) OPPROCS(0)
CURDEPTH(0)
6. ÷¼O]pGC
Nµ@°Atm
Dnbíp≤bµ°AtmñN Tivoli Identity Manager 4.5 4.5.1
C⌡µUC@G
1. Tivoli Identity Manager wíC
instWIN-WAS.exe
oeuw∩v°íC
2. ∩AϕyÑAMß÷@UTwC
oeuvXv°íC
3. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
oeu∩w¼v°íC
4. ∩µ@°AAMß÷U@BC
oeu∩w²v°íC
5. ÷@U∩....AMß∩ Tivoli Identity Manager 4.5 l²C
6. ÷U@BC
oeXuznq 4.5 4.5.1 Hv∩C
7. ∩OC
oeXuemwKnv∩C
8. ÷@UwC
oeXUCU∩G
v LDAP Q¿
v ΩwQ¿
v ttmuπ
9. ÷@UTwA¿w@C
: D∩ºetmΩwM LDAP °AⁿΩTCpGLks oΩ
AiHuttmuπvA½stmotsueCpGnut
tmuπvΩT÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
124 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|||||||||
||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
NOtm
Dnbí Tivoli Identity Manager OtmCo@@UC
X@G
1. N Network Deployment Manager System ñ Tivoli Identity Manager 4.5
4.5.1 C÷íΩTA\yN Network Deployment Manager
System Tivoli Identity Manager 4.5 4.5.1 zC
2. N ¿Itñ Tivoli Identity Manager 4.5 4.5.1 C÷í
ΩTA\ 126yN¿tñ Tivoli Identity Manager 4.5
4.5.1 zC
N Network Deployment Manager System Tivoli Identity Manager4.5 4.5.1
Dnbíp≤bx Network Deployment Manager System tWAN Tivoli
Identity Manager 4.5 4.5.1 C⌡µUC@G
1. Network Deployment Manager qúW Tivoli Identity Manager wíG
instWIN-WAS.exe
oeuw∩v°íC
2. ∩AϕyÑAMß÷@UTwC
oeuvXv°íC
3. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
oeu∩w¼v°íC
4. ∩OAMß÷U@BC
oeu½nΩTv°íC
5. ÷U@BC
oeu∩w²v°íC
6. ÷@U∩....AMß∩ Tivoli Identity Manager 4.5 l²C
7. ÷U@BC
oeXuznq 4.5 4.5.1 Hv∩C
8. ∩OC
oeXuemwKnv∩C
9. ÷@UwC
oeXUCU∩G
v LDAP Q¿
v ΩwQ¿
v ttmuπ
oeXuttmuπv∩C
10. ÷@UTwA¿w@C
² F. q Tivoli Identity Manager 4.5 4.5.1 125
||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
: D∩ºetmΩwM LDAP °AⁿΩTCpGLks oΩ
AiHuttmuπvA½stmotsueCpGnut
tmuπvΩT÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
N¿tñ Tivoli Identity Manager 4.5 4.5.1
Dnbíp≤bO¿tWAN Tivoli Identity Manager 4.5 4.5.1
C⌡µUC@G
1. ¿I≈W Tivoli Identity Manager wíG
instWIN-WAS.exe
oeuw∩v°íC
2. ∩AϕyÑAMß÷@UTwC
oeuvXv°íC
3. \¬vXAMwO ⁿo°CpG ⁿA∩ⁿAMß÷U@BC
4. ÷U@BC
oeu∩w¼v°íC
5. ∩OAMß÷U@BC
oeu½nΩTv°íC
6. ÷U@BC
oeu∩w²v°íC
7. ÷@U∩....AMß∩ Tivoli Identity Manager 4.5 l²C
8. ÷U@BC
oeXuznq 4.5 4.5.1 Hv∩C
9. ∩OC
oeXuemwKnv∩C
10. ÷@UwC
oeXuttmuπv∩C
11. ÷@UTwA¿w@C
: D∩ºetmΩwM LDAP °AⁿΩTCpGLks oΩ
AiHuttmuπvA½stmotsueCpGnut
tmuπvΩT÷ΩTA\ IBM Tivoli Identity Manager tmΓUC
126 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
² G. úw Tivoli Identity Manager
Tivoli Identity Manager úwiHúwUCG
v Tivoli Identity ManagerA]Abw Tivoli Identity Manager Ast
W ITIM_HOME
v b WebSphere Application Server W Tivoli Identity Manager Tivoli Identity
Manager íMtm]w
úw Tivoli Identity Manager ú∩Ωwϕµ²°A⌡C
Tivoli Identity Manager úwíq WebSphere Application Server ú Tivoli
Identity Manager íC
pGntúwΣLbw Tivoli Identity Manager iαwgwú]p
WebSphere Application Server IBM HTTP ServerA\Aϕúσ≤C
: pGznqOtmN Tivoli Identity Manager úwA²qO¿
ú Tivoli Identity ManagerAAqw Network Deployment Manager qúW
ú Tivoli Identity ManagerC
lºe
pGzQnΓ Tivoli Identity Manager tmΩTxsb WebSphereAbúw Tivoli
Identity Manager ºeA²Γ WebSphere tm≈C
1. WebSphere Application ServerC≤÷o°AΩTA\
WebSphere Application Server úσ≤C
2. bz WebSphere Application Server s@≈qúWA⌡µUzⁿOG
WAS_HOME\bin\backupConfig.bat
ⁿO@O WebSphereConfig_2003-07-10.zip úYAΣ]t
µ Tivoli Identity Manager tm]wC Obz⌡µ backupConfig ⁿO
²UC
: pGntm]wA⌡µUzⁿOG
WAS_HOME\bin\restoreConfig.bat WebSphereConfig_datevalue.zip
:
1. pGznqOtmúw Tivoli Identity ManagerA² Network Deployment
Manager b⌡µñCA]τb⌡µúwA@í°AM
Network Deployment Manager ºíqTºeA²²INzíbtW⌡µC
2. pGznq Network Deployment Manager túw Tivoli Identity ManagerA
²tWS JVM 1.3 AO WebSphere Application Server Base
w[cAoiαoDCboípUAziHw@≈ JVM 1.3
A≤s <ITIM_HOME>/itimUninstallerData/Uninstall ITIM.lax LAX
JVM wqC
ΓUo@µG
© Copyright IBM Corp. 2004 127
lax.nl.current.vm=\java\bin\javaw.exe
∩¿
lax.nl.current.vm=was_ndm_home\java\bin\javaw.exe
úw Tivoli Identity Manager BJ
pGnúw Tivoli Identity ManagerA⌡µUC@G
1. bw Tivoli Identity Manager qúW⌡µUCⁿOAN Tivoli Identity Manager
íúwC
ITIM_HOME\itimUninstallerData\Uninstall_ITIM
2. zLúwδFeATznúw Tivoli Identity ManagerC
3. Q¿úwºßAΓU Tivoli Identity Manager ²BtmMΘx
AqtúC
Tivoli Identity Manager úwí]Γípb WebSphere Application Server W
Tivoli Identity Manager íúC
pGnτ Tivoli Identity Manager wgq WebSphere Application Server úw
BúA⌡µUC@G
1. WebSphere Application Server zDxAMßnJC
2. q²≡¼c²IAMß÷U°íC
oeX@≈wbí°A°íMµCpGΣñC
enRole oíA Tivoli Identity Manager úwíKLkq WebSphere
Application Server ú Tivoli Identity Manager íCziHΓΦí
úoíCpGS enRole íANϕ Tivoli Identity Manager
úwíwgQq WebSphere Application Server ú Tivoli Identity
Manager úwíFC
pGnHΓΦíAq WebSphere Application Server ú Tivoli Identity Manager
íA⌡µUC@G
1. WebSphere Application Server zDxAMßnJC
2. q²≡¼c²IAMß÷U°íC
oeX@≈wbí°A°íMµC
3. ∩ enRole ∩C
4. ÷@Uε÷sC
5. enRole íQ εºßAA∩ enRole í∩C
6. ÷@Uúw÷sC
7. d enrole.ear ²OwqUCúG
WAS_HOME\AppServer\config\cells\servername\applications
8. ú WAS_HOME\AppServer\logs ñ itim.log
128 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
: bO⌠ñAunq Network Deployment Manager tú Tivoli Identity
Manager ºßAONA]úα Tivoli Identity Manager FCziHWz
HΓΦíNíúwⁿAqOO¿ú Tivoli Identity
ManagerC
WebSphere ⌠ ORACLE_JDBC_DRIVER_PATHbwí∩F Oracle ΩwATivoli Identity Manager N WebSphere Application
Server ⌠ ORACLE_JDBC_DRIVER_PATH ] classes12.zip b
ITIM_HOME/libCO]wb WebSphere Application Server IhC
úw Tivoli Identity Manager iαú classes12.zip CpGzt@
íAzN½] classes12.zip ºbs
mC
² G. úw Tivoli Identity Manager 129
|
|
|
|
|
|
|
² H. N
σ≤Yw∩ IBM bⁿΩúºúPAoFbΣLΩañAIBM úúo
ú≤ñúUúBA\αCóϕa IBM NϕAHo
ϕaeúúMAº÷ΩTCo≈σ≤bú IBM úBíAA
úϕtuα IBM úBíACun3I8 IBM z]úvA
⌠≤\αϕúBíAúiHN IBM úBíACúLA⌠≤
D IBM úBíAAµtd@⌠Mτd⌠C
o≈σ≤íDDeAIBM iα ΣMQMQ9Cúo≈σ≤úNϕ
úoMQvCziHúXvdAτHG
IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.
pGO÷ (DBCS) ΩTvdAóbΩ IBM z]úíA
úXvdAτHG
IBM World Trade Asia CorporationLicensing2-31 Roppongi 3-chome, Minato-kuTokyo 106-0032, Japan
UCq¿úA≤Ω°PϕakΦΣLΩaGInternational Business
Machines Corporation) uypzúXAúú⌠≤tºOAΣ
ñ]ABú¡≤úHWwBiSwºA⌠tOCab
Swµ÷WAú4\útOA]Aonú@wAXzC
oΩTñiαNWLΩW C]AIBM wqFNqß
eJsñCIBM H∩iM/≤XúúM/íAút
µqC
o≈ΩTñú⌠≤D IBM ⌠uAIBM úo⌠úOCo⌠
úΩúO IBM úΩeApGno⌠ΩAz
µßIC
IBM oHUAϕΦíG)zú⌠≤ΩTAL∩ztdC
pGí≥vHF (i) bOíMΣLí]]Aíºíµ½
ΩTAH (ii) ¼µ½ΩTA]n÷ΩTAóG
IBM Corporation2ZA4/10111400 Burnet RoadAustin, TX 78758U.S.A.
© Copyright IBM Corp. 2004 131
oΩTiAϕ°oAbYípUIOΦoC
IBM ≥≤Φº IBM ΩívX]⌠≤PÑX°AúΩTú
víPΣAvΩC
Bt⌠≤αΩAObⁿε⌠UoXAPbΣL@⌠UoX
GAiαjtºCqΩObotWAúOPΣLqt
WqΩ@CAqΩiαOzL [Hw⌠AΩGúú
oPCσTΣSw⌠AΩC
úºD IBM úΩTAúAΣoGnΣL-DC
IBM 3LoúA]LkToD IBM ú⌡µαBe⌠≤∩
úΣLDiOL C÷D IBM úαD ó úC
UCⁿJO International Business Machines Corporation bⁿΩ/ΣLΩa
UG
AIX
DB2
IBM
IBM x
SecureWay
Tivoli
Tivoli x
Universal Database
WebSphere
Lotus O Lotus Development Corporation / IBM Corporation UC
Domino O International Business Machines Corporation M Lotus Development Corporation
bⁿΩ/ΣLΩaC
MicrosoftBWindowsBWindows NT M Windows xO Microsoft Corporation bⁿΩ
/ΣLΩaC
UNIX O The Open Group bⁿΩΣLΩaUC
Java™ MH Java ≥ªMxAO Sun
Microsystems, Inc. bⁿΩMΣLΩaUC
ΣL-qBúAWAiαOTAxC
132 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
Wⁿ
T
l (subprocess). Qϕ@t@u@y]p@íu@y]pC
u@y (workflow). ÷°⌡µíC
w¿nD (completed requests). wgeXtABwg¿nDC
úe\@ (disallowed action). AªiHwqϕ Tivoli Identity Manager Server obß
HLv ∩AbßA⌡µ@Co
ub∩udhv∩&C
ñíΩxsw (central data repository). oΩwiHO²Mxsn²MsMvΩ
AΣñ]Aµ÷M@O²bC
Σ (branch). ≡¼cñC@hAú@ΣC≡¼cñC@ΣAú)úPⁿ
XCziH÷@UlµΣΣ[ (+)A°Σ
eC
¡
²AOyÑ (Directory Services MarkupLanguage, DSML). O@ XML Ω@AiHú@
µíAíM@úP²t²AΩTC
@KX (shared secret). @[KAΣO
lKXAs Tivoli Identity Manager tC
oObHΩTⁿJtwqC
Xⁿ (join directive). @WhAoWhiwqϕΓΓHWho≡A p≤Bz
C
s (access). xsbqútWΩTΩMvC
sεΩT (access control informationAACI). oΩiHO@sDΘsvCt\us
εvC
C
m (location). iH[Jñ@l-qΩΘCq
AmOHΦΦíazmAiµ
zC
@ñbß (active account). @sbBe) sΩbßC
@°i (operation report). o≈°iO @¼BΘB)nD@AHw∩nD@AC
Tivoli Identity Manager @nDC
OW (alias). @¡AqOⁿ IDC
@HiHnXOWApGGSmith M GWSmithC
tz (system administrator). vstHC
Tivoli Identity Manager tñú@w²tm
uITIM svCouITIM svQ]pnNt
¬sv3¿C¡zuITIM sv¿
Avst\αMΩC
¡Oh (identity policy). Tivoli Identity Manager
twqp≤ ID WhC
K
(user). Pt¼@⌠≤HC
(user interfaceAUI). Pt¼
πeC
W (user name). st IDC
o ID ]iHw∩tOAB²t
bUñΓM ITIM sñ¿ΩµAMw
svC
°i (user report). o≈°iO ΘB)nD@Hw∩nD@ACX Tivoli Identity
Manager @C
O (user class). @ LDAP OAp
inetorgperson BPPersonC
© Copyright IBM Corp. 2004 133
(provision). iH]wM@∩tsvC
h (provisioning policy). ohiHwqUⁿzAsvAp Tivoli Identity Manager @
tCsv3HA HñΓ
[H3Csv]iHSO3úO⌠≤ñΓ¿
HC
eú (delegate). oHQⁿútdπt@nDAw∩t@nDúΩTC
tbß (orphanAorphan account). ΩbßA bßb Tivoli Identity Manager tñ Lk
PwC
A (service). ⌡µ°A÷nΘñDn\α
íC
A∩h (service selection policy). bh
ñAtdMwn@A JavaScript LoC
D@ñbß (inactive account). sb≤tñA²ebß úbñbßC
E
Mµ (to do list). ⁿú¿@MµC
d (query). ¡ε@ p¼]ΦkC
nD (request). O Tivoli Identity Manager tñAn
DπΩT@@C
nD (requestor). eXnDHC
nDΩT (request for information, RFI). bz¡
OAVⁿwPnDΣLΩT@Aobu
@yO@nBJC
¡ε (constraint). h¡εC
Q
HΩT (personal information). HΩTCoΩTiH]tm≤BWrBϕaaBqXBq
lHcaB-XMÑC
h (policy). b Tivoli ñA@M≤ⁿzΩW
hC±ΦíAhiHMKXAMQ
nsΩC
hIµ (policy enforcement). Tivoli Identity Manager
t ⁿú ⁿHhºbΦíC
Q@
P (participant). b¡zñAvw∩zLu@yeXnDX HCPiQ°H
ñΓAQq JavaScript Script [HOC
µ (business unit). ñ@l-qΩΘC
±H (business partner person). ±ñ@HC
± (business partner organization). @
HOAúO-q uA²Oiαns
-qΩC
KX (password). bqúM⌠⌠wñA)ΘJHtOSwrΩAªiH²stA
HxsbΣñΩC
KXh (password policy). wqKXXº]wWhAp°AHe\Múe\r
¼C
KX¡ (password expiration period). bjó≤∩KXºeAªα≈h[C
bß (account). wqnJΩTMsεΩT
C
bß°i (account report). o≈°iCXHΣ÷bßAH bßOµhC
ε¼ (control type). Java ¼O@ΩAN
ϕ Wµ¼C
v (authorization). bqúwñA3qútPqútqTv¡C3∩½
≤BΩτπ¡svC
jíwtúOΓBJC@Ñq
OOATwNOLnHCGÑqO
vAe\o ¡sUΩC
v (authorization owner). oO@s
ALiHbΣµ⌠wqñAwqs
εΩT (ACI)C
(organization). b¡zñAWMΩDΘC÷MºíiH@ΩA²ºí
πXhoϕCCqNOⁿ-qC
ñΓ (organizational role). b¡zñAMwvsUⁿzΩºh¿ΩµC
µ (organizational unit). ñMΩDΘAtdNhiHzsCu
134 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
αⁿú@µCΩ]uαⁿú@µ
]úDªQwqqC
≡ (organization tree). ÑhícAiúΦíBsMxsΩTC
Q°i (rejected report). o≈°iO ΘB)nD@Hw∩nD@ACFQn
DC
QnD (requestee). nDOw∩oHeXC
QG
ú¡ε (escalation limit). biµú@ºeAP∩nDX q]ΘBBϕC
úP (escalation participant). b¡zñAvbⁿwúíA∩≤PS nDX
HCúPiQ°HñΓAQ
q JavaScript Script [HOC
ú DSML ¡ (DSML identity feed). Tivoli Identity
Manager Tw]A¼Σñ@C
ú DSML ¡AiqHOΩΩwAN
ΩJ Tivoli Identity Manager ²ñABNΩT
m≤ Tivoli Identity Manager ²UCoAiHQU
C@Φk ¼ΩTG@YNQRúq
C
ú HR (HR feed). Tivoli Identity Manager tqH
OΩΩwJΩC
uú DSML ¡vC
QT
Ω (resource). ) Tivoli nΘzwΘBnΘ
ΩΩΘCt\uⁿzΩvC
Ωz (resource provisioning management,rpm). XTDn]ΦBu@yzHeNzízhAtdñzvsΩT
MΩºC
qlϕµ (electronic form). qlϕµO@dAiHw∩nDsvwqC
Q
ΩΘ (entity). 1) ⁿH½≤AΩTNOw∩oH½
≤xsC
2) Tivoli Identity Manager tUC@OG
v Person
v BPPerson
v Organization
v BPOrganization
(supervisor). Tivoli Identity Manager tñA
Qⁿúµ HC
zΓ (admin domain). @µAHΦΦíjd⌠zsv¡C
(credential). e\sbß ID M
KXΩTC
Γ z (domain administrator). oziHwqMzbΣzΓΩΘBhBABu@
ywqBñΓHA²u¡≤LvzΓ
d≥C
Q¡
fO² (audit trail). qútbYqñµ÷O
²C
oε (de-provision). úA≤C±ΦíAoεbßOⁿqΩRúYbßC
(digital certificate). FwúqlTº≤C
(suspend). °bßA²bß LknJΩ@C
Ld (challenge response). oO@OΦkAªnDbnJ⌠⌠AúMΩTτ¡A
∩úX C
d≥ (scope). hαvTd≥C
qd≥Owqµ@l≡CpGd≥Qwqµ@d
≥AhhuvTwqªP@ΣñΩΘCpGd
≥Qwql≡Ahhú²vTwqªΣA
vTΣL≤ hIΣΣC
(reconciliation). b¡≈zñANñíΩxswWbßMΣΩPⁿzΩWbßMΣΩP
B.C
°i (reconciliation report). o≈°iCFqW@⌡µºßAΣtbßC
Q
zñ (Certificate Authority). tdoX
CzñO ¡H
Wⁿ 135
vABoXsB≤sAH
oεúAvªC
(owner). Tivoli Identity Manager tñ bß
AHC
RAñΓ (static organizational role). uαHΓΦíⁿúñΓC
QC
ovQ (entitlement). bwzñANϕhΩTΩcBAMµC
mnD (pending request). wgeXtA² 3¿nDC
(restore). ½s bßC
QE
Wv¡ (signature authority). ov¡iHπeXu@ynDCsOQ
ⁿúu@y]pñPúPAQ3
Wv¡C
÷Σr (keyword). bjM@ñAOh
C
GQ@
⌡µΦí (attribute enforcement). tzwqbßHwqºC
GQG
O (authentication). OH¡ (qO
WMKX[HO) CbwtñAOPv
OIMúPAvOⁿ H¡Aw∩H3t
½≤svCOuOTwoHNOLn
¡A²3ú÷≤HsvΩTHC
A
ACI (ACI target). ) ACI εΩΘC
ACI I (ACI origin). ACI º≡¼cñ
ΣC
I
ITIM s (ITIM group). Tivoli Identity Manager °A
ñsC
tsMziHw∩ ITIM scA²OA
²π ITIM bßA&αⁿú ITIM sCu
noHπF ITIM bßALNO@ ITIM A
iH[J ITIM sC
S
Secure Socket Layer (SSL). zL⌠⌠⌠ΘpKσ≤qT≤wCSSL kOQpK≈ANzL
SSL suαeΩ[KC
T
Tivoli Identity Manager Nzí (Tivoli IdentityManager Agent). ⁿztM Tivoli Identity
Manager °Aºíz¼ Cªϕ≤HΩz
ABOα½nD½n≤AiHúU
twtmsvC
Tivoli Identity Manager °A (Tivoli Identity ManagerServer). Q]pníph¼MΦnΘMAM≤C
136 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
HñσrA σrASϕº
CC
e@fu@δv 49, 75
eTfu@ϕ
µ@°A 34
O 60
u@yh, Tivoli Identity Manager 6
u@D≈W, WebSphere Application Server µ 36
ef
ºe 111, 115, 123
tm 114
µ@°Atm 117, 124
Otm 118, 125
IBM HTTP Server 118
Tivoli Identity Manager 111, 115, 123
Σñ, pnΘ x
σ≤, Tivoli Identity Manager w vii
÷σ≤ ix
uWsσ≤ ix
Θx
µ@°Aw 53
Ow 80
e¡fD≈W, ²°Aµ 35, 61
DΘ DN, ²°Aµ 36, 62
X, Tivoli Identity Manager w vii
÷σ≤ ix
uWsσ≤ ix
[K
≈ 45, 72
WebSphere Application Server 37, 62
\αOtm
hORW (UIBWF) 6, 59
WebSphere Application Server 8
nΘ
u@ϕ
µ@°A 34
O 58, 60
w, µ@°A 31
nΘ (≥)
O 59
IBM HTTP Server 31
WebSphere Application Server 31
WebSphere Embedded Messaging Σ 31
µ@°A
²°A 31
Ωw 31
zv¡ 32, 58
WebSphere sw 32
O
²°A 58
INzí 58
Ωw 58
HTTP Ñq@≥ 81
JMS °A 58
Network Deployment Manager 58
WebSphere Application Server Base 58
IBM HTTP Server
w, µ@°A 31
root 58
root v¡ 58
WebSphere Application Server Base
w, µ@°A 31
WebSphere Embedded Messaging Σ
w, µ@°A 31
Windows Wzv¡ 32
u²v 49, 76
²°A
tm, l 48, 75
µ
D≈W 35, 61
DΘ DN 36, 62
¡zí DN m 35, 61
≡ 36, 62
KX 36, 62
zW 35, 61
w]g 35, 61
Wqp 36, 62
xs"jpW¡ 36, 62
xs"ljp 36, 62
°Ωxs 35, 61
efhI, J2EE wtm 106, 107
uwv 52, 79
© Copyright IBM Corp. 2004 137
w
Θx
µ@°A 53
O 80
½sO 81
ΣLtm 46, 73
µ@°A 39
O 64
∩Ωw 41, 67
IBM HTTP Server 97
Oracle
AIX 16
HP-UX 19
Solaris 18
Windows 20
SQL Server 2000 22
Tivoli Identity Manager °A
31
y, µ@°A 38
y, O 63
µ@°A 31
O 57
WebSphere Application Server Base 98
WebSphere Application Server Network Deployment 96
w²
IBM HTTP Server µ 38
WebSphere Application Server Base µ 62
WebSphere Application Server µ 37
WebSphere Embedded Messaging Σ 37
, wµ@°AnΘ 31
eCf°A
HΓΦíw, O 95
w, µ@°A 31
°AW, WebSphere Application Server µ 37
utvµ, WebSphere Application Server 37, 63
¡zí DN m, ²°Aµ 35, 61
eKf ID, Tivoli Identity Manager µ 38, 63
h, Tivoli Identity Manager 6
KX, Ωwµ 34, 60
D x
O@⌡µw
runConfig]ttm 53, 80
eEfⁿO
db2 connect 12
db2 create 12
ⁿO (≥)
db2 create bufferpool 12
db2 force application all 13
db2 update 12
db2 ¼² 14
db2cmd 12
db2set 11
db2start 13
db2stop 13
usejdbc2 15
y
µ@°Aw 38
Ow 63
¡ε
P@íqúW UIBWF O¿ 9
PΦ@t 9
h WebSphere Application Server Ω, P@íqú 9
WebSphere Embedded Messaging Σ 95
eQfeqW¡, Ωwxs"µ 35, 61
uOⁿv 50, 77
Oⁿh 38, 62, 63
OΘú¼ , applheapsz 15
leq, Ωwxs"µ 35, 61
tm
²°A 48, 75
MWⁿ 3
W 3
º[ 3
Ωw 46, 73
IBM DB2 11
IBM DB2
b°A 13
bOqúW 14
°A 12
w" 12
applheapsz 15
JDBC Xí 14
IBM Directory Server
π 24
4.1 24
Oracle 20
SQL Server 2000 22
Sun ONE Directory Server 29
Tivoli Identity Manager
u@δv 49, 75
u²v 49, 76
uwv 52, 79
uOⁿv 50, 77
ul≤v 50, 77
uΩwv 49, 76
UI 51, 78
WebSphere Application Server
\αO 8
138 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
tm (≥)
WebSphere Application Server (≥)
Tivoli Identity Manager 9
µ@°A 4
µ@O 7
eQ@f , J2EE wtm 108
nΘ
IBM HTTP Server 31
WebSphere Application Server 31
WebSphere Embedded Messaging Σ 31
π
IBM Directory Server 24
timdelref.conf 25
≡
²°Aµ 36, 62
≡, R 28
2809 28
8880 28
9043 28
9080 28
9090 28, 37
9090, MP wsmserver ≡ 95
9091 37
9443 28
Bootstrap/rmi 29
SOAP s 29
WebSphere Application Server µ 37
≡, Ωwµ 35, 61
≥D
CA 56, 83
KX
²°Aµ 36, 62
wºßlO ″secret″ 38, 63
Tivoli Identity Manager µ 38, 63
MWⁿ
u@y (WF) 6
(UI) 6
I 3
INzí 3
í°A 3
O 4
O¿ 4
Cell 3
jmsserver 9
Network Deployment Manager 3
WebSphere Application Server 3
WebSphere Embedded Messaging Σ 9
WebSphere Web Server í 4
N IBM DB2 Ωws¿¼² 14
zW, ²°Aµ 35, 61
nΘΣñ, p x
eQGfµ@°A
u@ϕ 34
nΘ
²°A 31
Ωw 31
zv¡ 32, 58
WebSphere sw 32
w
Θx 53
ΣLtm 46
39
Tivoli Identity Manager °A 31
wy 38
tm
w 31
WebSphere Application Server 4
µ@Otm
w 64
WebSphere Application Server 7
µI, J2EE wtm 103
nJ≡ϕ, Ωwxs"µ 35, 61
ul≤v 50, 77
l≤°AW 38, 62, 63
w, µ@°A 39
w, O 64
ΣLtm 46, 73
D, Ow 57
eQTfI
[J Cell ñ 99
WebSphere Application Server 3
INzí
nM⌡µ 99
WebSphere Application Server 3
IW, WebSphere Application Server µ 37
úw
Tivoli Identity Manager 127
²°A⌡ 127
ΓtmΩTxsb WebSphere 127
BJ 128
ΣLú 127
Ωwϕµ 127
Ωw
bw∩ 41, 67
tm
l 46, 73
IBM DB2 11
µ
KX 34, 60
≡ 35, 61
ΩwW 34, 60
139
Ωw (≥)
µ (≥)
Ωw 34, 60
Ωw¼ 34, 60
z ID 34, 60
zKX 34, 60
IP 35, 61
uΩwv 49, 76
Ωwß, JDBC Xí 14
ΩwW, Ωwµ 34, 60
Ωw, Ωwµ 34, 60
Ωwxs"
eqW¡ 35, 61
leq 35, 61
nJ≡ϕ 35, 61
Ωw¼, Ωwµ 34, 60
w]g, ²°Aµ 35, 61
eQfz ID, Ωwµ 34, 60
z ID, WebSphere Application Server µ 36
zKX, WebSphere Application Server µ 36
zKX, Ωwµ 34, 60
zv¡, Windows 32
zv¡, wºe²Tw 58
zv¡, we²Tw 32
íσ≤≤Uuπn x
eQ¡fWqp, ²°Aµ 36, 62
h
u@y (WF) 6, 59
\αlwq 6
(UI) 6, 59
sw
we²Mw¼A 32
tm 103
itimadmin 105
wasadmin 105
WebSphere Application Server
utvµ 37, 63
]w 37, 43, 62, 70
uEJB vµ 37, 63
@δ 49, 75
² 49, 76
w 52, 53, 79, 80
Oⁿ 50, 77
l≤ 50, 77
Ωw 49, 76
UI 51, 78
uWsσ≤ ix
w", IBM DB2 12
w", IBM DB2 12
eQfzñ
Σ¼ 56, 83
°A-NzíqT 56, 83
eQCfxs"jpW¡, ²°Aµ 36, 62
xs"ljp, ²°Aµ 36, 62
í°A, WebSphere Application Server 3
pnΘΣñ x
eQKfO
u@ϕ 60
nΘ
²°A 58
INzí 58
Ωw 58
HTTP Ñq@≥ 81
JMS °A 58
Network Deployment Manager 58
WebSphere Application Server Base 58
WebSphere sw 103
b Network Deployment Manager zDx 99
w
Θx 80
b¿Uz@ºß½s 81
ΣLtm 73
D 57
64
Tivoli Identity Manager °A 57
wy 63
¿
ΣLtm 73
JOϕñ 59
Network Deployment Manager ºßw 64
WebSphere Application Server 4
bw Tivoli Identity Manager ºe 59
WebSphere Application Server 4
OW, WebSphere Application Server µ 62
°Ωxs, ²°Aµ 35, 61
eGQGf¬∩H vii
140 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
erf2809
≡ 28
m 29
8880
≡ 28
m 29
9043
≡ 28
9080
≡ 28
9090
≡ 28, 37
P wsmserver ≡≡, M 95
9091
≡ 37
9443
≡ 28
Aapplheapsz
OΘú¼ , ≤ 15
d, ≤s itimdb 12
BBootstrap/rmi ≡ 29
CCA
≥D 56, 83
ITIM_HOME/cert ² 56, 83
CD 88
Cell
sWI 99
WebSphere Application Server 3
Ddb2 connect, ⁿO 12
db2 create bufferpool, ⁿO 12
db2 create, ⁿO 12
db2 force application all, ⁿO 13
db2 update, ⁿO 12
db2 ¼², ⁿO 14
db2cmd, ⁿO 12
db2set, ⁿO 11
db2start, ⁿO 13
db2stop, ⁿO 13
EuEJB vµ, WebSphere Application Server 37, 63
enrole
b IBM DB2 °A 13
bOqúW 14
w] ID, Ωw 50, 77
HHTTP °A
tmí Cell 109
HTTP Ñq@≥, O 81
IIBM DB2
ⁿO
s¿¼² 14
db2 connect 12
db2 create 12
db2 create bufferpool 12
db2 force application all 13
db2 update 12
db2cmd 12
db2set 11
db2start 13
db2stop 13
usejdbc2 15
OΘú¼ , applheapsz 15
tm 11
b°A 13
bOqúW 14
°A 12
w" 12
applheapsz 15
JDBC Xí 14
TCP/IP qT 11
IBM Directory Server
tm
π 24
P WebSphere – Express o≡≡ 28
4.1 24
IBM HTTP Server
118
bw Tivoli Identity Manager ºe 31
w 97
w², µ 38
w, µ@°A 31
HTTP Ñq@≥ 81
IP , Ωwµ 35, 61
itimadmin
37, 106
ID, WebSphere Application Server 63
EJB 103, 104, 105
141
JJ2EE w
ΓBJ 53, 80
tm
hI 106, 107
µI 103
108
JDBC
su, Ωwxs"eqW¡ 35, 61
Xí@ IBM DB2 Ωwß 14
JMS °A
WebSphere Embedded Messaging Σ 9
Llibdelref
¿\Tº 26, 27
π 24
Mmqver -í, WebSphere MQ 95
NNetwork Deployment Manager
nM⌡µ 99
WebSphere Application Server 3
OOracle
w
AIX 16
HP-UX 19
Solaris 18
Windows 20
tm 20
Rroot
58
v¡ 58
runConfig, ≤ttm 53, 80
SSOAP s ≡ 29
SQL Server 2000
w 22
tm 22
Sun ONE Directory Server
tm 29
TTCP/IP tm, IBM DB2 11
timdelref.conf 25
Tivoli Identity Manager
tm
u@δv 49, 75
u²v 49, 76
uwv 52, 79
WebSphere Application Server ¡ε 9
uOⁿv 50, 77
ul≤v 50, 77
uΩwv 49, 76
UI 51, 78
MWⁿ
u@y (WF) 6
(UI) 6
úw 127
²°A⌡ 127
ΓtmΩTxsb WebSphere 127
BJ 128
ΣLú 127
Ωwϕµ 127
µ
ID 38, 63
KX 38, 63
Tivoli Identity Manager °A
w
31
y, µ@°A 38
y, O 63
µ@°A 31
O 57
qT 54, 82
CA 56, 83
UUI 51, 78
usejdbc2, ⁿO 15
Wwasadmin
t 103, 105
106
ID, WebSphere Application Server 37
wasadmin ID, WebSphere Application Server 63
WebSphere Application Server
[K 37, 62
bw Tivoli Identity Manager ºe 31
142 IBM Tivoli Identity Manager: °AwΓU Windows - WebSphere
WebSphere Application Server (≥)
tm
\αO 8
Tivoli Identity Manager ¡ε 9
µ@°A 4
µ@O 7
P WebSphere – Express o≡≡ 28
MWⁿ
I 3
INzí 3
í°A 3
O 4
O¿ 4
Cell 3
jmsserver 9
Network Deployment Manager 3
WebSphere Embedded Messaging Σ 9
WebSphere Web Server í 4
sw
utvµ 37, 63
]w 37, 43, 62, 70
uEJB vµ 37, 63
itimadmin 105
wasadmin 105
µ
u@D≈W 36
w² 37, 62
°AW 37
Oⁿh 38, 62, 63
≡ 37
l≤°AW 38, 62, 63
IW 37
z ID 36
zKX 36
OW 62
WebSphere Application Server Base
Γw, O 99
w 98
w, µ@°A 31
WebSphere Application Server Network Deployment
w 96
WebSphere Embedded Messaging Σ
bw Tivoli Identity Manager ºe 31
w², µ 37
w, µ@°A 31
@ 9
M WebSphere MQ 9
w²sb WebSphere MQ 95
WebSphere MQ
n CSD ≤sí 95
nS 95
M WebSphere Embedded Messaging Σ 9
mqvr -í 95
eSϕrf″secret″, w Tivoli Identity Manager ºßlKX 38, 63
ITIM_HOME 105
ITIM_HOME/cert ², CA 56, 83
WAS_HOME 104
143