Access Management 7.3.1

Install silently

AM provides configuration and upgrade tools for installing and maintaining your server. The AM-SSOConfiguratorTools-5.1.3.21.zip file contains libraries, legal notices, and supported binaries for these configuration tools. It also contains example configuration and upgrade properties files you can use as templates in your deployment.

When the AM server is deployed and running but not yet configured, you can use the configurator tool, openam-configurator-tool-14.1.3.21.jar, to install AM silently.

Perform the following tasks to install AM silently:

  1. Install the configuration tool. See Set up the configuration tools.

  2. Use the configuration tool to install AM using a property file. See Install AM silently.

Set up the configuration tools

  1. Verify that the JAVA_HOME environment variable is properly set:

    $ echo $JAVA_HOME
/path/to/jdk

  2. Create a file system directory to unpack the tools:

    $ mkdir -p /path/to/openam-tools/config

  3. Unpack the tools from where you unzipped AM:

    $ cd /path/to/openam-tools/config
$ unzip ~/Downloads/openam/AM-SSOConfiguratorTools-5.1.3.21.zip
Archive:  ~/Downloads/openam/AM-SSOConfiguratorTools-5.1.3.21.zip
creating: legal-notices/
inflating: legal-notices/LICENSE.DOM-software.html
inflating: legal-notices/NOTICE.resolver.txt
inflating: legal-notices/LICENSE.DOM-documentation.html
…​ (more output) …​
extracting: lib/xml-apis-2.11.0.jar
extracting: openam-configurator-tool-14.1.3.21.jar
extracting: lib/servlet-api-2.5.jar

Install AM silently

  1. Verify that the JAVA_HOME environment variable is properly set:

    $ echo $JAVA_HOME
/path/to/jdk

  2. The configurator tool needs a property file to specify the AM configuration. For property file options, see configurator.jar.

    Copy the sample configuration property file provided with AM, and modify properties as needed:

    $ cd /path/to/openam-tools/config
$ cp sampleconfiguration config.properties
$ grep -v "^#" config.properties \| grep -v "^$"
SERVER_URL=https://openam.example.com:8443
DEPLOYMENT_URI=/openam
BASE_DIR=/home/openam/
locale=en_US
PLATFORM_LOCALE=en_US
AM_ENC_KEY=
ADMIN_PWD=password
COOKIE_DOMAIN=example.com
ACCEPT_LICENSES=true
DATA_STORE=external
DIRECTORY_SSL=SIMPLE
DIRECTORY_SERVER=config.example.com
DIRECTORY_PORT=50389
DIRECTORY_ADMIN_PORT=4444
DIRECTORY_JMX_PORT=1689
ROOT_SUFFIX=dc=openam,dc=forgerock,dc=org
DS_DIRMGRDN=uid=admin
DS_DIRMGRPASSWD=password

    When setting options in the property file, note the following:

    • If you include the ACCEPT_LICENSES=true property, AM automatically accepts the software license agreement and suppresses the display of the license acceptance screen during silent installation.

    • When installing AM to support HTTPS, make sure the SERVER_URL property specifies a URL with HTTPS.

  3. Run the AM configurator tool, openam-configurator-tool-14.1.3.21.jar:

    $ java -jar openam-configurator-tool-14.1.3.21.jar --file config.properties

    You can specify additional runtime options on the command line:

    • With the --acceptLicense option, the installer auto-accepts the software licensing agreement and suppresses the display of the license acceptance screen, resulting in the same behavior as specifying ACCEPT_LICENSES=true in the configuration property file.

    • The -Djavax.net.ssl.trustStore=PATH_TO_JKS_TRUSTSTORE option is required when installing AM to support HTTPS. Specify the AM web container’s trust store for PATH_TO_JKS_TRUSTSTORE.

      The installer displays output similar to the following:

    $ java -jar openam-configurator-tool-14.1.3.21.jar --file config.properties
Checking license acceptance…​License terms accepted.
Checking configuration directory /home/openam…​.Success.
Installing OpenAM configuration store…​Success RSA/ECB/OAEPWithSHA1AndMGF1…​
Extracting OpenDJ, please wait…​Complete
Running OpenDJ setupSetup command: --cli --adminConnectorPort 4444
--baseDN dc=openam,dc=forgerock,dc=org --rootUserDN uid=admin
--ldapPort 50389 --skipPortCheck --rootUserPassword xxxxxxx --jmxPort 1689
--no-prompt --doNotStart --hostname openam.example.com …​
…​Success
Installing OpenAM configuration store in /home/openam/…​ …​Success.
Creating OpenAM suffixImport+task+ …​ …​Success
Tag swapping schema files…​.Success.
Loading Schema opendj_config_schema.ldif…​Success.

…​

…​Success.
Reinitializing system properties…​.Done
Registering service dashboardService.xml…​Success.

…​

Configuring system…​.Done
Configuring server instance…​.Done
Creating demo user…​.Done
Creating Web Service Security Agents…​.Done
Setting up monitoring authentication file.
Configuration complete!