Access Management 7.3.2

Install silently

AM provides configuration and upgrade tools for installing and maintaining your server. The AM-SSOConfiguratorTools-5.1.3.28.zip file contains libraries, legal notices, and supported binaries for these configuration tools. It also contains example configuration and upgrade properties files you can use as templates in your deployment.

When the AM server is deployed and running but not yet configured, you can use the configurator tool, openam-configurator-tool-14.1.3.28.jar, to install AM silently.

Perform the following tasks to install AM silently:

  1. Install the configuration tool. See Set up the configuration tools.

  2. Use the configuration tool to install AM using a property file. See Install AM silently.

Set up the configuration tools

  1. Verify that the JAVA_HOME environment variable is properly set:

    $ echo $JAVA_HOME
    /path/to/jdk
  2. Create a file system directory to unpack the tools:

    $ mkdir -p /path/to/openam-tools/config
  3. Unpack the tools from where you unzipped AM:

    $ cd /path/to/openam-tools/config
    $ unzip ~/Downloads/openam/AM-SSOConfiguratorTools-5.1.3.28.zip
    Archive:  ~/Downloads/openam/AM-SSOConfiguratorTools-5.1.3.28.zip
    creating: legal-notices/
    inflating: legal-notices/LICENSE.DOM-software.html
    inflating: legal-notices/NOTICE.resolver.txt
    inflating: legal-notices/LICENSE.DOM-documentation.html
    …​ (more output) …​
    extracting: lib/xml-apis-2.11.0.jar
    extracting: openam-configurator-tool-14.1.3.28.jar
    extracting: lib/servlet-api-2.5.jar

Install AM silently

  1. Verify that the JAVA_HOME environment variable is properly set:

    $ echo $JAVA_HOME
    /path/to/jdk
  2. The configurator tool needs a property file to specify the AM configuration. For property file options, see configurator.jar.

    Copy the sample configuration property file provided with AM, and modify properties as needed:

    $ cd /path/to/openam-tools/config
    $ cp sampleconfiguration config.properties
    $ grep -v "^#" config.properties \| grep -v "^$"
    SERVER_URL=https://openam.example.com:8443
    DEPLOYMENT_URI=/openam
    BASE_DIR=/home/openam/
    locale=en_US
    PLATFORM_LOCALE=en_US
    AM_ENC_KEY=
    ADMIN_PWD=password
    COOKIE_DOMAIN=example.com
    ACCEPT_LICENSES=true
    DATA_STORE=external
    DIRECTORY_SSL=SIMPLE
    DIRECTORY_SERVER=config.example.com
    DIRECTORY_PORT=50389
    DIRECTORY_ADMIN_PORT=4444
    DIRECTORY_JMX_PORT=1689
    ROOT_SUFFIX=dc=openam,dc=forgerock,dc=org
    DS_DIRMGRDN=uid=admin
    DS_DIRMGRPASSWD=password

    When setting options in the property file, note the following:

    • If you include the ACCEPT_LICENSES=true property, AM automatically accepts the software license agreement and suppresses the display of the license acceptance screen during silent installation.

    • When installing AM to support HTTPS, make sure the SERVER_URL property specifies a URL with HTTPS.

  3. Run the AM configurator tool, openam-configurator-tool-14.1.3.28.jar:

    $ java -jar openam-configurator-tool-14.1.3.28.jar --file config.properties

    You can specify additional runtime options on the command line:

    • With the --acceptLicense option, the installer auto-accepts the software licensing agreement and suppresses the display of the license acceptance screen, resulting in the same behavior as specifying ACCEPT_LICENSES=true in the configuration property file.

    • The -Djavax.net.ssl.trustStore=PATH_TO_JKS_TRUSTSTORE option is required when installing AM to support HTTPS. Specify the AM web container’s trust store for PATH_TO_JKS_TRUSTSTORE.

      The installer displays output similar to the following:

    $ java -jar openam-configurator-tool-14.1.3.28.jar --file config.properties
    Checking license acceptance…​License terms accepted.
    Checking configuration directory /home/openam…​.Success.
    Installing OpenAM configuration store…​Success RSA/ECB/OAEPWithSHA1AndMGF1…​
    Extracting OpenDJ, please wait…​Complete
    Running OpenDJ setupSetup command: --cli --adminConnectorPort 4444
    --baseDN dc=openam,dc=forgerock,dc=org --rootUserDN uid=admin
    --ldapPort 50389 --skipPortCheck --rootUserPassword xxxxxxx --jmxPort 1689
    --no-prompt --doNotStart --hostname openam.example.com …​
    …​Success
    Installing OpenAM configuration store in /home/openam/…​ …​Success.
    Creating OpenAM suffixImport+task+ …​ …​Success
    Tag swapping schema files…​.Success.
    Loading Schema opendj_config_schema.ldif…​Success.
    
    …​
    
    …​Success.
    Reinitializing system properties…​.Done
    Registering service dashboardService.xml…​Success.
    
    …​
    
    Configuring system…​.Done
    Configuring server instance…​.Done
    Creating demo user…​.Done
    Creating Web Service Security Agents…​.Done
    Setting up monitoring authentication file.
    Configuration complete!