TAM安装1-25-CSDN博客

ibm-java2-i386-sdk-5.0-5.0.i386.rpm

1.yum install compat-gcc-34

会安装以下4个包，大约35Mb

compat-gcc version 3.4.6-4.1

glibc-devel version:2.5-81.el5_8.4

glibc-headers version:2.5-81.el5_8.4

glibc-kernheaders version:2.6.18-308.11.1.el5

2. yum install compat-gcc-34-c++

version:3.4.6-4.1 大约13MB

3.yum install compat-libstdc++-33 (RHEL5.8已经安装，可以省略)

4.yum install pdksh 大约206Kb

version:5.2.14-37.el5

5.yum install libXp 大约45Kb,拷贝 ibm-java2-i386-sdk-5.0-5.0.i386.rpm 到/tmp为下一步安装做准备。

yum -y install libXtst-1.0.99.2-3.el6.i686

yum -y install libXft-2.1.13-4.1.el6.i686

6.rpm -i --relocate /opt/ibm/java2-i386-50=/opt/ibm/java/1.5 ibm-java2-i386-sdk-5.0-5.0.i386.rpm

Java版本：

java -version

java version "1.5.0"

Java(TM) 2 Runtime Environment, Standard Edition (build pxi32dev-20070511(SR5))

IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux x86-32 j9vmxi3223-20070426 (JIT enabled)

J9VM - 20070420_12448_lHdSMR

JIT - 20070419_1806_r8

GC - 200704_19)

JCL - 20070511

7.vi .bash_profile中的PATH环境变量增加/opt/IBM/java/1.5/jre/bin

8.source .bash_profile

9.安装语言包准备

拷贝语言包zip文件到/tmp

解压

10.安装语言包

此处不安装，以后安装

GUI安装执行一下：

install_pdrte_lp （Access Manager runtime）

install_pdjrte_lp (Access Manager Runtime for Java)

install_pdwbrt_lp (Access Manager Web Security Runtime)

install_pdweb_lp (Access Manager WebSEAL)

控制台安装执行如下：

java -jar language_package.jar -console

pdjrte_lp_setup.jar

pdrte_lp_setup.jar

pdweb_lp_setup.jar

pdwebrte_lp_setup.jar

11. 安装DS

解压DS第一张盘，

到linux_i386/db2 下执行./db2_install

选择是否安装到不同的目录，选yes.

输入地址：/opt/ibm/db2/9.1

选择DB2版本，输入ESE

安装完毕，查看Log文件看有无错误

12.安装license

/opt/ibm/db2/9.1/adm/db2licm -a /DS_disk1解压路径/common/db2ese.lic

======================================================================

以下安装后运行idsicrt 失败，

/opt/ibm/ldap/V6.1/sbin/32/idsicrt: error while loading shared libraries: libibmldapdbg.so: cannot open shared object file: No such file or directory

13.安装客户端软件1

rpm -i --relocate /opt/ibm/ldap/V6.1=/opt/ibm/ldap/6.1 idsldap-cltbase61-6.1.0-6.i386.rpm

14.安装客户端软件2
rpm -i --relocate /opt/ibm/ldap/V6.1=/opt/ibm/ldap/6.1 idsldap-clt32bit61-6.1.0-6.i386.rpm
15.安装客户端软件3 relocate会报错，

rpm -i idsldap-cltjava61-6.1.0-6.i386.rpm （会安装到/opt/ibm/ldap/V6.1目录下）

relocate报错信息：

/var/tmp/rpm-tmp.31717: line 34: cd: /opt/ibm/ldap/V6.1/java: No such file or directory

/bin/tar: /opt/ibm/ldap/V6.1/java/java-Linux-TDS.tar: Cannot open: No such file or directory

/bin/tar: Error is not recoverable: exiting now

Error - JDK not untarred. Untar /opt/ibm/ldap/V6.1/java/java-Linux-TDS.tar before using configuration commands.

16.安装服务器包1 relocate安装会报错

rpm -ihv idsldap-srvbase32bit61-6.1.0-6.i386.rpm

17.安装服务器包2

rpm -i --relocate /opt/ibm/ldap/V6.1=/opt/ibm/ldap/6.1 idsldap-srv32bit61-6.1.0-6.i386.rpm

18.安装服务器包3

rpm -i --relocate /opt/ibm/ldap/V6.1=/opt/ibm/ldap/6.1 idsldap-msg61-en-6.1.0-6.i386.rpm

=======================================================================

12-1.配置了虚拟机静态地址。

12-2.配置了java路径。

13B.安装客户端软件和服务器端软件以及runtime for java （会安装到/opt/ibm/ldap/V6.1目录下）

rpm -ihv idsldap-cltbase61-6.1.0-6.i386.rpm

rpm -ihv idsldap-clt32bit61-6.1.0-6.i386.rpm

rpm -ihv idsldap-cltjava61-6.1.0-6.i386.rpm

rpm -ihv idsldap-srvbase32bit61-6.1.0-6.i386.rpm

rpm -ihv idsldap-srv32bit61-6.1.0-6.i386.rpm

rpm -ihv idsldap-msg61-en-6.1.0-6.i386.rpm

14B.升级GSK包

rpm -Uhv gsk7bas-7.0-4.11.i386.rpm

15B.添加组和账户

groupadd -g 2000 dbsysadm

usermod -G idsldap,dbsysadm root

mkdir -p /dbfile/db201

mkdir -p /backup/backup01

useradd -c "LDAP server" -g dbsysadm -u 2001 -s /bin/ksh -d /dbfile/db201/ldapdb2 -p wxxxxx ldapdb2

useradd -c "LDAP server" -g dbsysadm -u 2002 -s /bin/ksh -d /dbfile/db201/db2inst1 -p wxxxxx db2inst1

usermod -G idsldap ldapdb2

usermod -G idsldap db2inst1

passwd ldapdb2

passwd db2inst1

echo "password"|passwd --stdin ldapdb2

echo "password"|passwd --stdin db2inst1

16B.修改文件夹权限，建立direcotry server实例

//(Instance Administration Tool---GUI工具idsxinst此时用不了,会报错The java class could not be loaded. //java.lang.UnsatisfiedLinkError: cfgadminjni (Not found in java.library.path))

cd /dbfile/db201

chmod g=wrx db2inst1 ldapdb2

cd /opt/ibm/ldap/V6.1/sbin

./idsicrt -I db2inst1 -e abcdefghijklmn -p 389 -a 3538 -t db2inst1 -l /dbfile/db201/db2inst1

You have chosen to perform the following actions:

GLPICR020I A new directory server instance 'db2inst1' will be created.

GLPICR057I The directory server instance will be created at: '/dbfile/db201/db2inst1'.

GLPICR013I The directory server instance's port will be set to '389'.

GLPICR014I The directory server instance's secure port will be set to '636'.

GLPICR015I The directory instance's administration server port will be set to '3538'.

GLPICR016I The directory instance's administration server secure port will be set to '3539'.

GLPICR019I The description will be set to: 'IBM Tivoli Directory Server Instance V6.1'.

GLPICR021I Database instance 'db2inst1' will be configured.

Do you want to....

(1) Continue with the above actions, or

(2) Exit without making any changes:

17B.设置管理员DN和口令

直接运行：idsdnpw

Enter the directory server administrator password:

You have chosen to perform the following actions:

GLPDPW004I The directory server administrator DN will be set.

GLPDPW005I The directory server administrator password will be set.

Do you want to....

(1) Continue with the above actions, or

(2) Exit without making any changes:1

GLPDPW009I Setting the directory server administrator DN.

GLPDPW010I Directory server administrator DN was set.

GLPDPW006I Setting the directory server administrator password.

GLPDPW007I Directory server administrator password was set.

18B. 配置数据库，建立数据库

cd /opt/ibm/ldap/V6.1/sbin

./idscfgdb -a ldapdb2 -w wxxx -I db2inst1 -l /dbfile/db201/ldapdb2 -t liudb //此处应该是一个复杂密码

-----------

You have chosen to perform the following actions:

GLPCDB023I Database 'liudb' will be configured.

GLPCDB024I Database 'liudb' will be created at '/dbfile/db201/ldapdb2'

Do you want to....

(1) Continue with the above actions, or

(2) Exit without making any changes:1

GLPCDB035I Adding database 'liudb' to directory server instance: 'ldapdb2'.

GLPCTL017I Cataloging database instance node: 'ldapdb2'.

GLPCTL018I Cataloged database instance node: 'ldapdb2'.

GLPCTL008I Starting database manager for database instance: 'ldapdb2'.

GLPCTL009I Started database manager for database instance: 'ldapdb2'.

GLPCTL026I Creating database: 'liudb'.

GLPCTL027I Created database: 'liudb'.

GLPCTL034I Updating the database: 'liudb'

GLPCTL035I Updated the database: 'liudb'

GLPCTL020I Updating the database manager: 'ldapdb2'.

GLPCTL021I Updated the database manager: 'ldapdb2'.

GLPCTL023I Enabling multi-page file allocation: 'liudb'

GLPCTL024I Enabled multi-page file allocation: 'liudb'

GLPCDB005I Configuring database 'liudb' for directory server instance: 'ldapdb2'.

GLPCDB006I Configured database 'liudb' for directory server instance: 'ldapdb2'.

GLPCTL037I Adding local loopback to database: 'liudb'.

GLPCTL038I Added local loopback to database: 'liudb'.

GLPCTL011I Stopping database manager for the database instance: 'ldapdb2'.

GLPCTL012I Stopped database manager for the database instance: 'ldapdb2'.

GLPCTL008I Starting database manager for database instance: 'ldapdb2'.

GLPCTL009I Started database manager for database instance: 'ldapdb2'.

GLPCDB003I Added database 'liudb' to directory server instance: 'ldapdb2'.

19.建立备份（目录数据和配置文件）

cd /backup/backup01

mkdir db2inst1 ldapdb2

chown ldapdb2:dbsysadm ldapdb2

chown db2inst1:dbsysadm db2inst1

chmod 770 db2inst1 ldapdb2

/opt/ibm/ldap/V6.1/sbin/idsdbback -I db2inst1 -k /backup/backup01/ldapdb2

不能备份到NFS上，否则报错，只能在本地磁盘备份。

-----

You have chosen to perform the following actions:

GLPDBB029I The database and configuration files for directory server instance 'ldapdb2' will be backed up to '/backup/backup01/ldapdb2'.

Do you want to....

(1) Continue with the above actions, or

(2) Exit without making any changes:1

GLPDBB008I Backing up directory server instance 'ldapdb2'.

GLPDBB015I Backing up the configuration file for the directory server instance 'ldapdb2'.

GLPDBB016I Backed up the configuration file for the directory server instance 'ldapdb2'.

GLPDBB018I Backing up the key stash files for the directory server instance 'ldapdb2'.

GLPDBB019I Backed up the key stash files for the directory server instance 'ldapdb2'.

GLPDBB021I Backing up the schema files for the directory server instance 'ldapdb2'.

GLPDBB022I Backed up the schema files for the directory server instance 'ldapdb2'.

GLPCTL008I Starting database manager for database instance: 'ldapdb2'.

GLPCTL009I Started database manager for database instance: 'ldapdb2'.

GLPCTL098I Backing up database liudb.

GLPCTL099I Backed up database liudb.

GLPDBB026I Saving backup information to a file.

GLPDBB027I Saved backup information to a file.

GLPDBB009I Backed up directory server instance 'ldapdb2'.

20. 添加自定义后缀名

/opt/ibm/ldap/V6.1/sbin/idscfgsuf -s dc=test,dc=com

idscfgsuf -s "secAuthority=Default" //使用缺省的话安装程序会根据主机域名来自动设定。

要取消刚才的设定可以用idsucfgsuf -s xx来取消

You have chosen to perform the following actions:

GLPCSF007I Suffix 'dc=test,dc=com' will be added to the configuration file of the directory server instance 'ldapdb2'.

Do you want to....

(1) Continue with the above actions, or

(2) Exit without making any changes:1

GLPCSF004I Adding suffix: 'dc=test,dc=com'.

GLPCSF005I Added suffix: 'dc=test,dc=com'.

21.启动DS服务，两种方式

（1）命令行启动：ibmslapd

启动admin daemon: idsdiradm -I <instancename>

停止admin daemon: idsdiradmin -k -I <instancename>

启动instance: idsslapd -I <instancename>

停止instance: idsslapd -I <instancename> -k

（2）通过web administration tools启动

目录管理守护程序ibmdiradm 占用3538端口，若是启用SSL则是3539端口。它在ITDS上用来做远程管理用。支持对

ITDS的启动停止和状态监视。缺省情况下，ITDS安装时会运行该程序。Web administration tools需要该服务在运行。

安装另一台RHEL,安装IDS Web Administration tool，再安装WAS, 配置Web工具到WAS中，然后启动web工具。

在DS第二张CD上，安装 web administration tools 到新RHEL上上。

rpm -ihv idsldap-webadmin61-6.1.0-6.i386.rpm

安装成功后，安装WAS,

./WAS/install //WAS-CD1上

./IHS/install //WAS-CD2上

./plugin/install

然后配置，

a.指定Web Administration Tool application
的 IDSWebApp.war 文件。

install_dir/idstools/IDSWebApp.war

b.In the Context Root field, specify the following command:

/IDSWebApp

c.next 按提示走。

最后启动它。

/opt/WebSphere/AppServer/bin/startServer.sh server1

WAS的控制台登录入口为http://hostname:9060/ibm/console

打开RHEL上的浏览器。输入

http://hostname:9080/IDSWebApp/IDSjsp/Login.jsp

用户名：superadmin 密码：secret

加入服务器后，cn=root登录。然后启动Directory Server服务。

22.空

23.(第5步已经安装)安装policy server准备工作 //和本次安装无关：安装语言包会报错的话，安装如下包：yum install libXtst.i386

yum install libXft.i386 //这是32位的包,870Kb

yum install libXtst.i386 //16kb

24.安装policy server

./install_ammgr

输入TAM管理员口令

管理域DN,ldap类型。ldap主机地址，端口等。

可选安装Rumtime for Java

安装runtime for java(在Base光盘上)方法:A：在窗口界面到base解压出来的目录下运行

install_amjrte

输入policy server的主机名即可安装

方法B:rpm -ihv PDJrte-PD-6.1.1.0-0.i386.rpm

然后执行/opt/PolicyDirector/sbin/pdjrtecfg -action config -interactive

25. 安装WebSEAL

./install_amweb