Choose your manual install mode for PingAuthorize Server and then perform the server installation.
- Read about the server installation modes and decide which mode you want to use.
- Complete the steps for your chosen mode, interactive or noninteractive.
About the server installation modes
There are several different installation modes for PingAuthorize Server.
PingAuthorize Server provides the following tools to help install and configure the system:
- The setup tool performs the initial tasks needed to start PingAuthorize Server, including configuring Java virtual machine (JVM) runtime settings and assigning listener ports for the PingAuthorize Server's HTTP services.
- The create-initial-config tool
configures connectivity between a System for Cross-domain Identity Management (SCIM)
2 user store and PingAuthorize Server. During
the process, the prepare-external-store tool prepares each
PingDirectory Server to serve as a user store by
PingAuthorize Server. Configuration can be
written to a file to use for additional installations.Note:
Using create-initial-config is optional. However, if you do not use it, you do not get the user's profile (the requester's attributes). For more information, see User profile availability in policies.
- After the initial setup is finished, you can use the dsconfig tool and the administrative console to perform additional configuration.
- Interactive command-line mode
- Prompts for information during the installation process. To run the installation in this mode, use the setup --cli command.
- Noninteractive command-line mode
- Designed for setup scripts to automate installations or for command-line usage. To run the installation in this mode, setup must be run with the --no-prompt option as well as the other arguments required to define the appropriate initial configuration.
You can perform all installation and configuration steps while signed on to the system as the user or the role under which PingAuthorize Server will run.
Installing the server interactively
Run the setup tool, which prompts you interactively for the information that it needs to install PingAuthorize Server.
Be prepared to provide the following information:
- The location of a valid license file
- The name and password for an administrative account, which is also called the root user distinguished name (DN)
- An available port for PingAuthorize Server to accept HTTPS requests
- An available LDAPS port for PingAuthorize Server to accept administrative requests
- Information related to the server's connection security, including the location of a keystore that contains the server certificate, the nickname of that server certificate, and the location of a truststore
- The amount of memory to reserve for usage by the Java virtual machine (JVM)
- A unique instance name for the server
Installing the server noninteractively
For an automated installation, run the setup tool in noninteractive, command-line mode.
- The location of a valid license file
- The name and password for an administrative account, which is also called the root user distinguished name (DN).
- An available port for PingAuthorize Server to accept HTTPS requests
- An available LDAPS port for PingAuthorize Server to accept administrative requests
- Information related to the server's connection security, including the location of a keystore that contains the server certificate, the nickname of that server certificate, and the location of a truststore
- The amount of memory to reserve for usage by the Java virtual machine (JVM)
- A unique instance name for the server
- LDAP port 8389
- LDAPS port 8636
- HTTPS port 8443
- An automatically generated self-signed server certificate
- 1 GB of memory reserved for the server’s JVM
- A unique server instance name of
pingauthorize1
- A server location of
Austin
$ ./setup \
--cli --no-prompt --acceptLicense \
--licenseKeyFile <path-to-license> \
--rootUserDN "cn=directory manager" \
--rootUserPassword <your-password> \
--ldapPort 8389 --ldapsPort 8636 \
--httpsPort 8443 \
--generateSelfSignedCertificate \
--maxHeapSize 1g \
--instanceName pingauthorize1 \
--location Austin