Installing the virtual appliance on UNIX with directory server
After you install directory server, you must configure it on UNIX to install the IBM® Security Identity Governance and Intelligence Virtual Appliance.
Procedure
- Install the supported version of IBM Security Directory Server. You must import a template that has IBM Security Directory Server Version 6.4.
- Create an instance user in /opt/IBM/ldap/V6.4/sbin with the following command.
./idsadduser -u dirinst -w password -g idsldap
- dirinst is the instance name.
- password is the password.
- idsldap is the default directory server group.
- Create a directory server instance with the following command.
./idsicrt -I dirinst -e encryptionseed -l /home/dirinst
- dirinst is the directory server instance name.
- encryptionseed is the encryption seed.
- /home/dirinst is the instance home.
- Create a user with the following commands. Note: You must add the user to the root and idsldap groups. You must make the idsldap group the primary group for db2admin.
useradd -g idsldap db2admin
passwd db2admin   # use "ideas" for the password
usermod -G root db2admin
- Create a database for the newly created directory server instance with the following command.
./idscfgdb -I dirinst -a db2admin -w password -t ldapdb -l /home/dirinst/
- dirinst is the directory server instance name.
- db2admin is the database administrator.
- password is the database administrator password.
- ldapdb is the database name.
- /home/dirinst is the instance home.
- Set the password for the directory server instance's Principal DN with the following command.
./idsdnpw -I dirinst -u cn=root -p password
- dirinst is the directory server instance name.
- cn=root is the Principal DN.
- password is the Principal DN password.
- Add the dc=com suffix in the directory server instance with the following command.
./idscfgsuf -I dirinst -s dc=com
- dirinst is the directory server instance name.
- dc=com is the suffix.
- Start the directory server instance with the following command.
./ibmslapd -I dirinst -n
- dirinst is the directory server instance name.
- Create the dccom.ldif file. Note: Create the dccom.ldif file in a temporary folder. For example, /temp/.
dn:dc=com
objectclass:domain
- Import the dccom.ldif file.
/opt/IBM/ldap/V6.4/bin/idsldapadd -D cn=root -w password -p 389 -f /temp/dccom.ldif
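A pre-import check for the steps above, as an added example that is not part of the IBM procedure: it confirms that db2admin has idsldap as its primary group and is a member of root, and that dccom.ldif holds the dc=com entry with one attribute per line. The function names check_groups, check_ldif and verify_host are hypothetical; the user, group and file names are the ones used on this page.

```shell
#!/bin/sh
# Added example: sanity checks to run before the idsldapadd import step.
# Function names are hypothetical; db2admin, idsldap and /temp/dccom.ldif
# come from the procedure on this page.

# check_groups PRIMARY "ALL GROUPS"
# Succeeds when the primary group is idsldap and root is among the groups.
check_groups() {
    primary=$1
    all=$2
    if [ "$primary" != "idsldap" ]; then
        echo "primary group is '$primary', expected idsldap" >&2
        return 1
    fi
    for g in $all; do
        [ "$g" = "root" ] && return 0
    done
    echo "db2admin is not a member of the root group" >&2
    return 1
}

# check_ldif FILE
# Succeeds when FILE contains exactly the dc=com entry, one attribute per
# line. A file where both attributes were pasted onto one line is rejected.
check_ldif() {
    file=$1
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
    # Normalise: strip CRs and blank lines, drop the optional space after
    # the colon, and lower-case (attribute names and DNs ignore case).
    normalized=$(tr -d '\r' < "$file" |
        sed -e '/^[[:space:]]*$/d' -e 's/^\([A-Za-z]*\):[[:space:]]*/\1:/' |
        tr '[:upper:]' '[:lower:]')
    expected=$(printf 'dn:dc=com\nobjectclass:domain')
    [ "$normalized" = "$expected" ] || { echo "$file: unexpected content" >&2; return 1; }
}

# verify_host [FILE]: run both checks against the live system.
verify_host() {
    check_groups "$(id -gn db2admin)" "$(id -Gn db2admin)" &&
        check_ldif "${1:-/temp/dccom.ldif}"
}

# Run the checks only when asked: sh check.sh verify [/path/to/dccom.ldif]
if [ "${1:-}" = "verify" ]; then
    verify_host "${2:-/temp/dccom.ldif}"
fi
```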