How To Install Libgcc 3.4.6 Sol9 Sparc Local

Deploying the connector involves the following steps:

Unzip the packages and install the files using the following commands: For the GNU Compiler: # gunzip libgcc-3.4.6-sol9-sparc-local.gz # pkgadd -d libgcc-3.4.6-sol9-sparc-local For Zlib: # gunzip zlib-1.2.3-sol9-sparc-local.gz # pkgadd -d zlib-1.2.3-sol9-sparc-local For OpenSSL: # gunzip openssl-0.9.81-sol9-sparc-local.gz # pkgadd -d openssl-0.9.81-sol9-sparc-local.

Step 1: Verifying Deployment Requirements

The following table lists the deployment requirements for the connector.

Item	Requirement
Oracle Identity Manager	Oracle Identity Manager release 8.5.3 or later
Target systems	The target system can be any one of the following: Solaris 8 - 10 HP-UX 11.11 (trusted/nontrusted) Linux (Red Hat Advanced Server 2.1, Red Hat Enterprise Linux 3.x, or Red Hat Linux 4.x) AIX 4.3, AIX 5.1 - 5.3
External code	JSCAPE SSH/SSH Libraries (SSH factory)
Other systems	OpenSSH, OpenSSL, operating system patches (HP-UX), and SUDO software (only if the SUDO Admin mode is required)
Target system user account	root or sudo user You provide the credentials of this user account while performing the procedure in the 'Defining IT Resources' section. If you do not use a target system user account of the specified type, then an error message similar to the following would be displayed when Oracle Identity Manager tries to exchange data with the target system: SSH_USER_NORIGHTS_FAIL
Character encoding (en_US) supported by the target system	The target system must support en_US character encoding standards such as UTF-8 and iso8859. Use the following command to check the en_US character encoding standards that the target system supports: Note: If the target system does not support any of the en_US character encoding standards, then you must install the en_US language pack.

The supported shell types for various operating systems are given in the following table.

Solaris	HP-UX	Linux	AIX
sh	csh	ksh	csh
csh	ksh	bash	ksh
-	sh	sh	sh
-	-	csh	-

Step 2: Configuring the Target System

Configuring the target system involves the steps described in the following sections:

Platform-Specific Configuration Steps

This section provides instructions to configure the target system on the following platforms:

Configuration Steps for Solaris and Linux

Perform the following steps for Solaris and Linux environments:

1. Ensure that the /etc/passwd and /etc/shadow files are available on the UNIX server.

2. Ensure that a passwd mirror file is created on the target server by using a command similar to the following:

   The same file name with the path must be inserted in the Passwd Mirror File/User Mirror File attribute of the reconciliation scheduled task.

3. Ensure that a shadow mirror file is created on the target server by using a command similar to the following:

   The name and path of this file must be specified for the Shadow Mirror File attribute of the reconciliation scheduled task.

Configuration Steps for AIX

Perform the following steps for AIX environments:

1. Ensure that the /etc/passwd and /etc/security/user files are available on the server.

2. Ensure that a user mirror file is created on the server by using a command similar to the following:

   The name and path of this file must be specified for the Passwd Mirror File/User Mirror File (AIX) attribute of the scheduled task for reconciliation.

Configuration Steps for HP-UX

Perform the following steps for HP-UX environments:

1. Log in as root and then run the following command:

2. Select Auditing and Security and System Security Policies. A message is displayed asking if you want to switch to the trusted mode.

3. Click OK.

   If the following message is displayed, then skip the next step:

4. Ensure that the /etc/passwd and /etc/shadow directories are available on the target server.

   If the shadow file does not exist, then follow the installation instructions at

   All the patches are available in the HP patch database, which you can download from

Installing External Software

This section describes the procedure to install external software.

Installing OpenSSH

Follow these steps to install OpenSSH on Solaris 9 or HP-UX.

For Solaris 8

1. If SSH is not installed on the Solaris server, then install the appropriate OpenSSH. For Solaris 8, you can download the packages listed in this section from

   If the GCC compiler is not installed, then you must install the packages in the following file:

   The following packages are included in this file. You must install these packages in the specified order:

   1. prngd-0.9.25-sol8-sparc-local.gz (optional)

   2. tcp_wrappers-7.6-sol8-sparc-local.gz (optional, but recommended)

   3. zlib-1.2.1-sol8-sparc-local.gz

   4. openssl-0.9.7g-sol8-sparc-local.gz

   5. openssh-4.1p1-sol8-sparc-local.gz

2. Create a group with the name sshd and group ID 27. Add a user with the name sshadmin to this group.

3. To enable root logins, change the value of PermitRootLogin in the /etc/ssh/sshd_config file as follows:

   Note:

   Implement this change only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

For Solaris 9

1. If SSH is not installed on the Solaris server, then install the appropriate OpenSSH. For Solaris 9, you can download the packages listed in this section from

   Note:

   If the GCC compiler is not installed, then install the following packages:

   libgcc-3.4.1-sol9-sparc-local.gz

   libiconv-1.8-sol9-sparc-local.gz

   You must install these packages in the following order:

   1. prngd-0.9.25-sol9-sparc-local.gz

   2. tcp_wrappers-7.6-sol9-sparc-local.gz

   3. zlib-1.2.1-sol9-sparc-local.gz

   4. openssl-0.9.7d-sol9-sparc-local.gz

   5. openssh-3.9p1-sol9-sparc-local.gz

2. Create a group with the name sshd and group ID 27. Add a user with the name sshadmin to this group.

3. To enable root logins, change the value of PermitRootLogin in the /etc/ssh/sshd_config file as follows:

   Note:

   Implement this change only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

For Solaris 10

By default, OpenSSH is installed on Solaris 10. If it is not installed, then install the OpenSSH server from the operating system installation CD. To enable SSH on Solaris 10, make the following changes in the /etc/ssh/ssh_config file:

1. Remove the comment character from the Host * line.

2. To enable root logins, change the value of PermitRootLogin in the /etc/ssh/sshd_config file as follows:

   Note:

   Implement this change only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

For HP-UX

If SSH is not installed on the UNIX server, then install the appropriate OpenSSH:

1. For HP-UX 11.11, download and install the appropriate patch from

   For HP-UX B.11.11, download the file, PHCO_33711.depot for hpux_800_11.11_11300132-patch.tgz. Use the following command to install it:

2. Download and install OpenSSH. You can download the T1471AA_A.03.81.002_HP-UX_B.11.11_32+64.depot file from

   After the patch is successfully installed, use the following command to install openSSH.

   After this is installed, the HP-UX Secure Shell daemon (sshd) is automatically preconfigured and started.

3. Create a group with the name sshd.

4. Add a user with the name sshadmin to this group.

5. To enable root logins, change the value of PermitRootLogin in the /etc/ssh/sshd_config file as follows:

   Note:

   Implement this change only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

For Linux

By default, OpenSSH is installed on Red Hat Advanced Server 2.1 and Red Hat Enterprise Linux 3. If it is not installed, then install the OpenSSH server from the operating system installation CD.

For AIX

If SSH is not installed on the AIX 5.2 server, then perform the following steps:

1. Download and install OpenSSL.

   Download the openssl-0.9.7d-aix5.1.ppc.rpm file from

   Then, enter the following command to install OpenSSL:

   In this command, /root/download is the location on the AIX server where the openssl-0.9.7d-2.aix5.1.ppc.rpm file is stored.

2. Download and install PRNG.

   Download the prngd-0.9.23-3.aix4.3.ppc.rpm file from

   Then, enter the following command to install PRNG:

   In this command, /root/download is the location on the AIX server where the prngd-0.9.23-3.aix4.3.ppc.rpm file is stored.

3. Download and install OpenSSH.

   Download the openssh-3.8.1p1_52.tar.gz file from

   Then, enter the following commands to install openSSH:

   In these commands, /root/download is the location on the AIX server where the openssh-3.8.1p1_52.tar.gz file is stored.

4. To enable root logins, change the value of PermitRootLogin in the /etc/ssh/sshd_config file as follows:

   Note:

   Implement this change only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

Installing and Configuring SUDO

If you want to use the SSH connector in the SUDO Admin mode, then perform the following steps to install and configure SUDO:

For Solaris

1. If SUDO is not installed on the Solaris server, then first download it.

   • For Solaris 9, download the sudo-1.6.8p4-sol9-sparc-local.gz file from

   • For Solaris10, download the sudo-1.6.8p9-sol9-sparc-local.gz file from

   • For Solaris 8, download the sudo-1.6.8p9-sol8-sparc-local.gz file from

2. Use the following command to install SUDO:

3. Edit the sudoers file on the Solaris server to customize it according to your requirements. This file is located in the following directory:

   For example, if a group named mqm exists on the Solaris server, and you require all members of the group to act as SUDO users with all possible privileges, then the sudoers file must contain a line similar to the following:

   This is only a sample configuration. If you require some other group members or individual users to be SUDO users with specific privileges, then you must edit this file as you did for the sample value mqm.

   This connector uses the following commands:

   • useradd

   • usermod

   • passwd

   • cat

   • diff

   • userdel

   Therefore, the SUDO user must have privileges to run these commands.

   Note:

   Do not use the NOPASSWD: ALL option for any SUDO user or group.

   For information about customizing the sudoers file, refer to

4. Edit the same sudoers file so that every time a command is run in SUDO Admin mode, the SUDO user is prompted for the password. Add the following line under the # Defaults specification header:

   This is a prerequisite for this connector to work successfully.

5. Log in to the Solaris computer as root, and enter the following commands:

6. Create a SUDO user. The SUDO user must be created according to the constraints specified in the sudoers file.

   The SUDO user must always be created with its home directory by using a command similar to the following:

7. In the sudo user's .profile file, which is created in the sudo user's home directory, add the following lines to set the value of the PATH environment variable:

For HP-UX

1. If SUDO is not installed on the HP-UX server, then install the appropriate SUDO. For HP-UX, download the sudo-1.6.8p6-sd-11.11.depot.gz file from

   Enter the following command to install SUDO:

2. Edit the sudoers file to customize it according to your requirements. This file is located in the following directory:

   For example, if you have a group named mqm on the HP-UX server and you want all members of the group to act as SUDO users with all possible privileges, then the sudoers file must contain the following line:

   This is only a sample configuration. If you want to make SUDO users with specific privileges out of other group members or individual users, then edit this file as you did for the sample value mqm.

   This connector uses the following commands:

   • useradd

   • usermod

   • passwd

   • cat

   • diff

   • userdel

   Therefore, the SUDO user must have the privileges required to run these commands.

   Note:

   Do not use the NOPASSWD: ALL option for any SUDO user or group.

   For information about customizing the sudoers file, refer to

3. Edit the same sudoers file so that every time a command is run in SUDO Admin mode, the SUDO user is prompted for a password. Add the following line under the # Defaults specification header:

   This is an essential prerequisite for the connector to work successfully.

4. Copy the sudoers file that you edited into the /etc directory of the target system. After copying the file, enter the following command:

   Then, change the name of the file from sudoers1 to sudoers.

5. Log in as root, and enter the following commands on the HP-UX computer:

6. Create a SUDO user. The SUDO user should be created according to the constraints specified in the sudoers file.

   The SUDO user should always be created with its home directory by using a command similar to the following:

   In addition, in the .profile file, which is created in the home directory, add the following lines to set the appropriate PATH:

For AIX

1. If SUDO is not installed on AIX 5.2, then install the appropriate SUDO AIX 5.2 version sudo-1.6.7p5-2.aix5.1.ppc.rpm file from

2. If RPM Package Manager is not installed on the AIX 5.2 server, then install it from

3. Enter the following command to install SUDO:

   In this command, /root/download is the location on the AIX server where the sudo-1.6.7p5-2.aix5.1.ppc.rpm file is stored.

4. Edit the sudoers file, which is in the /etc directory on the AIX server, to customize the file according to your requirements.

   For example, if you have a group named mqm in the AIX server and require all members of the group to act as SUDO users with all possible privileges, then the sudoers file must contain the following line:

   This is only a sample configuration. If you need other group members or individual users to be SUDO users with specific privileges, then edit this file as was done for the sample value mqm.

   This connector uses the following commands:

   • mkuser

   • chuser

   • passwd

   • cat

   • diff

   • usermod

   • rmuser

   Therefore, the SUDO user must have the privileges required to run these commands.

   Note:

   Do not use the NOPASSWD: ALL option for any SUDO user or group.

   For information about customizing the sudoers file, refer to

5. Edit the same sudoers file to configure the system, so that every time a command is run through SUDO Admin mode, the SUDO user is prompted for a password. Add the following line under the # Defaults specification header:

   Defaults timestamp_timeout=0

   This is a prerequisite for this connector to work successfully.

6. Create a SUDO user. The SUDO user should be created according to the constraints specified in the sudoers file.

For Red Hat Advanced Server 2.1

1. If SUDO is not installed on the Red Hat Advanced Server 2.1 server, then install the appropriate SUDO. To do this, first download the sudo-1.6.7p5-1.i686.rpm file from

   Then, enter the following command to install SUDO:

   In this command, /root/download is the location on the Linux server where the sudo-1.6.7p5-1.i686.rpm file is stored.

2. Use the visudo command to edit and customize the /etc/sudoers file according to your requirements.

   Note:

   If you cannot use the visudo command to edit the sudoers file, then:

   1. Enter the following command:

   2. Make the required changes in the sudoers file.

   3. Enter the following command:

   For example, if you have a group named mqm on the Linux server and require all members of the group to act as SUDO users with all possible privileges, then the sudoers file must contain the following line:

   This example is only a sample configuration. If you need other group members or individual users to be SUDO users with specific privileges, then edit this file as was done for the sample value mqm.

   The commands that this connector uses are:

   • useradd

   • usermod

   • passwd

   • cat

   • diff

   • userdel

   Therefore, the SUDO user must have the privileges required to run these commands.

   Note:

   Do not use the NOPASSWD: ALL option for any SUDO user or group.

   For information about customizing the sudoers file, refer to

3. Edit the same sudoers file to configure the system, so that every time a command is run in SUDO Admin mode, the SUDO user is prompted for a password. Under the # Defaults specification header, add the following line:

   This is a prerequisite for this connector to work successfully.

4. Create a SUDO user as follows:

   1. Enter the following command:

      In this command:

      - group_name is the SUDO users group for which there is an entry in the /etc/sudoers file.

      - directory_name is the name of the directory in which you want to create the default directory for the user.

   2. In the .bash_profile file, which is created in the /home/directory_name directory, add the following lines to set the PATH environment variable:

For Red Hat Enterprise Linux 3.x and Red Hat Linux 4.x

1. If SUDO is not installed on the Red Hat Enterprise Linux 3.x or 4.x server, then install the appropriate SUDO. For Linux Advanced Server 3.0 and 4.1, download the sudo-1.6.7p5-1.i686.rpm file from

   Then, enter the following command to install SUDO:

   In this command, /root/download is the location on the Linux server where the sudo-1.6.7p5-1.i686.rpm file is stored.

2. Use the visudo command to edit and customize the /etc/sudoers file according to your requirements.

   Note:

   If you cannot use the visudo command to edit the sudoers file, then:

   1. Enter the following command:

   2. Make the required changes in the sudoers file.

   3. Enter the following command:

   For example, if you have a group named mqm on the Linux server and want all of the members of the group to act as SUDO users with all possible privileges, then the sudoers file must contain the following line:

   This is only a sample configuration. If you want some other group members or individual users to be SUDO users with specific privileges, you must edit this file as was done for the sample value mqm.

   This connector uses the following commands:

   • useradd

   • Macs fan control mac. usermod

   • passwd

   • cat

   • diff

   • userdel

   Therefore, the SUDO user must have the privileges required to run these commands.

   Note:

   Do not use the NOPASSWD: ALL option for any SUDO user or group.

   For information about customizing the sudoers file, refer to

3. Edit the same sudoers file to configure the system, so that every time a command is run in SUDO Admin mode, the SUDO user is prompted for a password. Under the # Defaults specification header, add the following line:

   This is a prerequisite for this connector to work successfully.

4. Create a SUDO user as follows:

   1. Enter the following command:

      In this command:

      - group_name is the SUDO users group for which there is an entry in the /etc/sudoers file.

      - directory_name is the name of the directory in which you want to create the default directory for the user.

   2. In the .bash_profile file, which is created in the /home/directory_name directory, add the following lines to set the PATH environment variable:

Public Key Authentication (SSH Key Generation)

This section discusses the following topics:

Configuring Public Key Authentication

To configure Public Key Authentication:

1. Copy SSH/scripts/privateKeyGen.sh to any directory on the server.

2. Open this script file in a text editor and specify a working directory path other than the default value given in the file.

3. If required, enter the following command:

   For Solaris or Linux:

   For HP-UX:

4. Run the privateKeyGen.sh script on the UNIX server. Provide a secure pass phrase when prompted.

   When these commands are run, the following files are created in the $HOME/.ssh directory:

   • id_rsa: This is a private key file.

   • authorized_keys: This file lists public keys that can be used to log in.

5. When the keys are generated successfully, edit the sshd_config file for Public Key Authentication and test login.

6. After successfully testing login, copy the id_rsa file to the following directory:

   Note:

   This release of the connector has been tested and certified only for RSA keys, and not DSA. In addition, this connector has been tested and certified for only single key configuration and not multiple keys.

Configuring SSH Public Key Authentication

To configure SSH Public Key Authentication:

For Solaris

1. Set the following parameters in the /etc/ssh/sshd_config file:

   Note:

   Change the value of PermitRootLogin to yes only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

2. To restart the SSH server, enter the following commands:

   • /etc/init.d/sshd stop

   • /etc/init.d/sshd start

3. To test login:

   This command prompts you for the passkey before setting up the connection.

For HP-UX

1. Uncomment the following lines in the /etc/ssh/sshd_config file:

   Note:

   Change the value of PermitRootLogin to yes only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

2. To restart the SSH Server, enter the following command:

3. To test login, enter the following command:

   When prompted, enter the passkey to connect to the server.

For Linux

1. Enter the following commands at the UNIX server prompt:

   You are prompted to enter a passphrase when you enter these commands. You can press Enter if you do not want to use a passphrase.

2. Add the following line in the /etc/ssh/sshd_config file:

3. Enter the following commands to restart the UNIX server:

4. To check if you can connect to the target system using the SSH protocol, directly from the command prompt and without using a password, enter the following command:

5. Copy the /.ssh/id_rsa file to the following directory:

6. When you perform the procedure described in the 'Defining IT Resources' section, provide the name and full path of the id_rsa file as the value of the Private Key parameter:

For AIX

1. The first step of this procedure depends on the version of AIX that you are using:

   • For AIX 4.3, use the /etc/openssh/sshd_config file to set the following parameters:

   • For AIX 5.2, use the /etc/ssh/sshd_config file to set the following parameters:

2. Open the /etc/ssh/sshd_config file, and uncomment the following lines:

   Note:

   Change the value of PermitRootLogin to yes only if it does not violate local security policies. If Public Key Authentication is enabled, then you can change the value of PermitRootLogin to without-password.

   Instead of using the root account, if you can use a user account with sudo privileges, then you do not need to perform this step.

3. To restart the SSH server, enter the following commands:

   • /opt/ssh/sbin/sshd (For AIX 4.3)

   • /usr/sbin/sshd (For AIX 5.2)

4. To test the login, enter the following command:

   When prompted, enter the passkey to connect to the server.

   Note:

   This release of the connector does not support Public Key Authentication provisioning if it is implemented through the SUDO Admin mode. The Public Key Authentication used for system access is available for the root user. This point is also mentioned in the Known Issues list in Chapter 5.

Step 3: Copying the Connector Files

The connector files to be copied and the directories to which you must copy them are given in the following table.

Note:

The directory paths given in the first column of this table correspond to the location of the connector files in the following directory on the installation media:

Refer to the 'Files and Directories That Comprise the Connector' section for more information about these files.

File in the Installation Media Directory	Destination Directory
Files in the resources directory
Files in the scripts directory
Files and directories in the test directory
Files in the xml directory

Note:

While installing Oracle Identity Manager in a clustered environment, you copy the contents of the installation directory to each node of the cluster. Similarly, you must copy the connectorResources directory and the JAR files to the corresponding directories on each node of the cluster.

Step 4: Configuring the Oracle Identity Manager Server

Configuring the Oracle Identity Manager server involves the following procedures:

Note:

In a clustered environment, you must perform this step on each node of the cluster.

Changing to the Required Input Locale

Changing to the required input locale (language and country setting) involves installing the required fonts and setting the required input locale.

You may require the assistance of the system administrator to change to the required input locale.

Clearing Content Related to Connector Resource Bundles from the Server Cache

While performing the instructions described in the 'Step 3: Copying the Connector Files' section, you copy files from the resources directory on the installation media into the OIM_home/xellerate/connectorResources directory. Whenever you add a new resource bundle in the connectorResources directory or make a change in an existing resource bundle, you must clear content related to connector resource bundles from the server cache.

To clear content related to connector resource bundles from the server cache:

1. In a command window, change to the OIM_home/xellerate/bin directory.

   Note:

   You must perform Step 1 before you perform Step 2. If you run the command described in Step 2 as follows, then an exception is thrown:

2. Enter one of the following commands:

   • On Microsoft Windows:

   • On UNIX:

   Note:

   You can ignore the exception that is thrown when you perform Step 2.

   In this command, ConnectorResourceBundle is one of the content categories that you can remove from the server cache. Refer to the following file for information about the other content categories:

Enabling Logging

When you enable logging, Oracle Identity Manager automatically stores in a log file information about events that occur during the course of provisioning and reconciliation operations. To specify the type of event for which you want logging to take place, you can set the log level to one of the following:

• ALL

  This level enables logging for all events.

• DEBUG

  This level enables logging of information about fine-grained events that are useful for debugging.

• INFO

  This level enables logging of informational messages that highlight the progress of the application at coarse-grained level.

• WARN

  This level enables logging of information about potentially harmful situations.

• ERROR

  This level enables logging of information about error events that may still allow the application to continue running.

• FATAL

  This level enables logging of information about very severe error events that could cause the application to stop functioning.

• OFF

  This level disables logging for all events.

The file in which you set the log level depends on the application server that you use:

• BEA WebLogic

  To enable logging:

  1. Add the following line in the OIM_home/xellerate/config/log.properties file:

  2. In this line, replace log_level with the log level that you want to set.

     For example:

  After you enable logging, log information is written to the following file:

• IBM WebSphere

  To enable logging:

  1. Add the following line in the OIM_home/xellerate/config/log.properties file:

  2. In this line, replace log_level with the log level that you want to set.

     For example:

  After you enable logging, log information is written to the following file:

• JBoss Application Server

  To enable logging:

  1. In the JBoss_home/server/default/conf/log4j.xml file, locate the following lines:

  2. In the second XML code line, replace log_level with the log level that you want to set. For example:

  After you enable logging, log information is written to the following file:

• OC4J

  To enable logging:

  1. Add the following line in the OIM_home/xellerate/config/log.properties file:

  2. In this line, replace log_level with the log level that you want to set.

     For example:

  After you enable logging, log information is written to the following file:

Step 5: Importing the Connector XML Files

To import the connector XML files:

1. Open the Oracle Identity Manager Administrative and User Console.

2. Click the Deployment Management link on the left navigation bar.

3. Click the Import link under Deployment Management. A dialog box for locating files is displayed.

4. Locate and open the SSHNonTrustedUser.xml file, which is in the OIM_home/xellerate/XLIntegrations/SSH/xml directory. Details of this XML file are shown on the File Preview page.

5. Click Add File. The Substitutions page is displayed.

6. Click Next. The Confirmation page is displayed.

7. Click Next. The Provide IT Resource Instance Data page for the SSH server Solaris IT resource is displayed.

8. Specify values for the parameters of the SSH server Solaris IT resource. Refer to the table in the 'Defining IT Resources' section for information about the values to be specified.

9. Click Next. The Provide IT Resource Instance Data page for a new instance of the SSH Server IT resource type is displayed.

10. Click Skip to specify that you do not want to define another IT resource. The Confirmation page is displayed.

    See Also:

    If you want to define another IT resource, then refer to Oracle Identity Manager Tools Reference Guide for instructions.

11. Click View Selections.

    The contents of the XML file are displayed on the Import page. You may see a cross-shaped icon along with some nodes. These nodes represent Oracle Identity Manager entities that are redundant. Before you import the connector XML file, you must remove these entities by right-clicking each node and then selecting Remove.

12. Click Import. The connector file is imported into Oracle Identity Manager.

After you import the connector XML file, proceed to the next chapter.

Defining IT Resources

You must specify values for the SSH server Solaris IT resource parameters listed in the following table.

Parameter	Description
Admin UserId	User ID of the administrator root or jdoe Jake reinvented study guide answers guide. Here, jdoe is the SUDO user ID, for the SUDO Admin mode.
Admin Password/Private file Pwd	Password of the administrator dead_line (for root/non-SUDO) or jdoe Here, jdoe is the SUDO user password, for the SUDO Admin mode. Note: For the SUDO Admin mode, the private key is not supported. You must not specify a value for this mode. If a private key is used, then the Private Key PassPhrase must be provided as the value of this parameter.
Server IP Address	Server IP address
Port	The port at which the SSH service is running on the server Default value: 22
Private Key	Private key file name with full path Note: For SUDO Admin administrator, this parameter must be left blank.
Server OS	Specify one of the following: AIX HP-UX SOLARIS LINUX
Shell Prompt	# or $
Login Prompt	You can ignore this parameter. This parameter is not used for SSH.
Password Prompt	You can ignore this parameter. This parameter is not used for SSH.
Whether Trusted System (HP-UX)	YES (for trusted HP-UX System) or NO (for nontrusted HP-UX system)
Whether SUDO Admin Mode	NO (for root) or YES (for SUDO Admin mode)
Target Locale	Target locale (language and country) For the locale that you want to use, you can specify a value similar to the following: en_US for English ja_JP for Japanese fr_FR for French Note: You must not make any change (uppercase or lowercase) in the value that you specify.
Supported Character Encoding (en_US) - Target	Encoding format for the en_US target locale The default value is UTF-8. Note: You can check which en_US encoding formats the target system supports by using the following command:
Max Retries	Number of times that the connector must retry connecting to the target server if the connection fails Default value: 2
Delay	Delay (in milliseconds) before the connector attempts to retry connecting to the target system, if the connection fails Default value: 10000
Timeout	Value of the timeout (in milliseconds) for the connection to the target server Default value: 20000

After you specify values for these IT resource parameters, proceed to Step 9 of the procedure to import connector XML files.

Permalink

Join GitHub today

GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.

Sign up

Branch:master

Installing syslog-ng on Sun Solaris 10

To successfully install syslog-ng, complete the following simple procedure. Lines starting with # are commands that have to be executed from a command line console.

Procedure 4.5. Installing syslog-ng on Sun Solaris 10

1.

Use the your username and password received together with your syslog-ng Premium Edition license to download the following binaries. Make sure to download the package specific for the processor architecture of the host.

*

The syslog-ng Premium Edition package (syslog-ng-premium-edition_<version>) from

http://www.balabit.com/downloads/files/syslog-ng/binaries/premium-edition/pool/s/syslog-ng-premium-edition/

*

The libdbi8 package from

http://www.balabit.com/downloads/files/syslog-ng/binaries/premium-edition/pool/l/libdbi8/

*

If you plan to use an SQL destination, download the package corresponding to your database from

http://www.balabit.com/downloads/files/syslog-ng/binaries/premium-edition/pool/l/libdbi8-drivers/

Also download the package corresponding to the database, architecture, and Solaris version you plan to use from http://www.sunfreeware.com. The Sunfreeware.com website includes details on installing the database, and any required dependencies.

Note

The database packages contain the full database applications, but syslog-ng does not use the databases, only the .so file. Installing the database packages does not start the database services.

2.

Download or copy the syslog-ng_<version_number>_sparc.pkg.gz package to your computer running Solaris.

Download the following packages from the nearest sunfreeware.com mirrors(solaris9 packages):

libiconv-1.11-sol9-sparc-local.gz

libgcc-3.4.6-sol9-sparc-local.gz

3.

Unpack and install the syslog-ng Premium Edition and the libdbi8 package by issuing the following commands from the command line:

# libiconv-1.11-sol9-sparc-local.gz

# libgcc-3.4.6-sol9-sparc-local.gz

# gunzip syslog-ng_<version_number>_sparc.pkg.gz

# gunzip libdbi8_<version>_<arch>.gz

# pkgadd -d libiconv-1.11-sol9-sparc-local

# pkgadd -d libgcc-3.4.6-sol9-sparc-local

# pkgadd -d syslog-ng_<version_number>_sparc.pkg

# pkgadd -d libdbi8_<version>_<arch>.pkg

4.

If you use an SQL destination, issue the commands corresponding to the database:

*

For MySQL:

Download and install the following packages from sunfreeware.com:

- mysql-5.0.41-sol9-sparc-local

- openssl-0.9.8e-sol9-sparc-local

# gunzip <pkg>.gz; pkgadd -d <pkg>

# gunzip libdbd8-mysql_<version>_<arch>.gz

# pkgadd -d libdbd8-mysql_<version>_<arch>.pkg

*

For PostgreSQL:

Make sure that the SUNWpostgr-libs package has been installed. It's on the Solaris 10 install DVD.

# gunzip libdbd8-pgsql_<version>_<arch>.gz

# pkgadd -d libdbd8-pgsql_<version>_<arch>.pkg

*

For SQLite:

Download and install the sqlite-3.3.6-sol9-sparc-local package from sunfreeware.com.

# gunzip sqlite-3.3.6-sol9-sparc-local.gz

# pkgadd -d sqlite-3.3.6-sol9-sparc-local

# gunzip libdbd8-sqlite_<version>_<arch>.gz

# pkgadd -d libdbd8-sqlite_<version>_<arch>.pkg

5.

Rename the syslog-ng.conf.sample file (located under /opt/syslog-ng/etc/) to syslog-ng.conf.

# mv /opt/syslog-ng/etc/syslog-ng.conf.sample

/opt/syslog-ng/etc/syslog-ng.conf

6.

Modify the syslog-ng.conf.to suit your needs. For details on how to configure syslog-ng, see The syslog-ng Administrator Guide, Chapter 3, Configuring syslog-ng.

7.

Disable the original syslogd application.

# svcadm -v disable svc:/system/system-log

8.

Copy the following files to their proper places by issuing the following commands and modify them if needed.

# cp /opt/syslog-ng/doc/syslog-ng.example.xml /var/svc/manifest/system/syslog-ng.xml

# cp /opt/syslog-ng/doc/syslog-ng.method /lib/svc/method/syslog-ng

9.

Validate and import the syslog-ng.xml file using svccfg.

# svccfg

svc:> validate /var/svc/manifest/system/syslog-ng.xml

svc:> import /var/svc/manifest/system/syslog-ng.xml

svc:> quit

10.

Enable and start syslog-ng.

# svcadm enable -t svc:/system/syslog-ng

11.

Verify that syslog-ng is running.

# svcs -a grep syslog

You should receive a similar output: online 10:15:01 svc:/system/syslog-ng:default

• Copy lines
• Copy permalink