--- title: Installing the server manually description: Choose your manual install mode for PingAuthorize Server and then perform the server installation. component: pingauthorize version: 11.0 page_id: pingauthorize:installing_and_uninstalling_pingauthorize:paz_install_server_manually canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/installing_and_uninstalling_pingauthorize/paz_install_server_manually.html revdate: July 29, 2022 section_ids: steps: Steps about-the-server-installation-modes: About the server installation modes installing-the-server-interactively: Installing the server interactively before-you-begin: Before you begin steps-2: Steps example: Example: installing-the-server-noninteractively: Installing the server noninteractively before-you-begin-2: Before you begin steps-3: Steps example-2: Example --- # Installing the server manually Choose your manual install mode for PingAuthorize Server and then perform the server installation. ## Steps 1. Read about the server installation modes and decide which mode you want to use. 2. Complete the steps for your chosen mode, interactive or noninteractive. ## About the server installation modes There are several different installation modes for PingAuthorize Server. PingAuthorize Server provides the following tools to help install and configure the system: * The `setup` tool performs the initial tasks needed to start PingAuthorize Server, including configuring Java virtual machine (JVM) runtime settings and assigning listener ports for the PingAuthorize Server's HTTP services. * The [`create-initial-config`](../pingauthorize_server_administration_guide/paz_config_user_store.html) tool configures connectivity between a System for Cross-domain Identity Management (SCIM) 2 user store and PingAuthorize Server. During the process, the `prepare-external-store` tool prepares each PingDirectory Server to serve as a user store by PingAuthorize Server. Configuration can be written to a file to use for additional installations. | | | | - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | Using `create-initial-config` is optional. However, if you do not use it, you do not get the user's profile (the requester's attributes). For more information, see [User profile availability in policies](../pingauthorize_server_administration_guide/paz_user_profile_avail_policies.html). | * After the initial setup is finished, you can use the [`dsconfig` tool](../pingauthorize_server_administration_guide/paz_examples_config_server.html) and the administrative console to perform additional configuration. | | | | - | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | You can use server profiles to automate deployment of PingAuthorize Server. For more information, see [Deployment automation and server profiles](../pingauthorize_server_administration_guide/paz_deploy_auto_server_prof.html). | To install a server instance, run the `setup` tool in one of the following modes: * Interactive command-line mode Prompts for information during the installation process. To run the installation in this mode, use the `setup --cli` command. * Noninteractive command-line mode Designed for setup scripts to automate installations or for command-line usage. To run the installation in this mode, setup must be run with the `--no-prompt` option as well as the other arguments required to define the appropriate initial configuration. You can perform all installation and configuration steps while signed on to the system as the user or the role under which PingAuthorize Server will run. ​ * Interactive * Noninteractive ## Installing the server interactively Run the `setup` tool, which prompts you interactively for the information that it needs to install PingAuthorize Server. ### Before you begin Be prepared to provide the following information: * The location of a valid license file * The name and password for an administrative account, which is also called the root user distinguished name (DN) * An available port for PingAuthorize Server to accept HTTPS requests * An available LDAPS port for PingAuthorize Server to accept administrative requests * Information related to the server's connection security, including the location of a [keystore](../pingauthorize_server_administration_guide/paz_keystores_truststores.html) that contains the server certificate, the nickname of that server certificate, and the location of a truststore * The amount of memory to reserve for usage by the Java virtual machine (JVM) * A unique instance name for the server ### Steps 1. Run the `setup` command. #### Example: ```shell $ ./setup ``` 2. To start and stop PingAuthorize Server, use the `start-server` and `stop-server` commands, respectively. For additional options, see [Starting PingAuthorize Server](../pingauthorize_server_administration_guide/paz_start_server.html). ## Installing the server noninteractively For an automated installation, run the `setup` tool in noninteractive, command-line mode. ### Before you begin Be prepared to provide the following settings using command-line arguments: * The location of a valid license file * The name and password for an administrative account, which is also called the root user distinguished name (DN). * An available port for PingAuthorize Server to accept HTTPS requests * An available LDAPS port for PingAuthorize Server to accept administrative requests * Information related to the server's connection security, including the location of a keystore that contains the server certificate, the nickname of that server certificate, and the location of a truststore * The amount of memory to reserve for usage by the Java virtual machine (JVM) * A unique instance name for the server ### Steps * Run the `setup` tool to install the server noninteractively. * For more information about the available setup options, run `setup` with the `--help` argument, which displays a complete list of setup options, along with examples. ```shell $ ./setup --help ``` ### Example The following example sets up PingAuthorize with these settings: * LDAP port 8389 * LDAPS port 8636 * HTTPS port 8443 * An automatically generated self-signed server certificate * 1 GB of memory reserved for the server's JVM * A unique server instance name of `pingauthorize1` * A server location of `Austin` ```shell $ ./setup \ --cli --no-prompt --acceptLicense \ --licenseKeyFile \ --rootUserDN "cn=directory manager" \ --rootUserPassword \ --ldapPort 8389 --ldapsPort 8636 \ --httpsPort 8443 \ --generateSelfSignedCertificate \ --maxHeapSize 1g \ --instanceName pingauthorize1 \ --location Austin ```