Identity Manager WEB Installation Guide

About this guide

This document gives an overview of the installation of PhenixID Identity Manager. Additional information is available on the PhenixID web site or through PhenixID support.

Audience

This document is primarily written for system administrators. The guide describes installation and basic configuration of Identity Manager.

Installation

Prerequisite

Download

Installation media is provided through PhenixID support together with the required license.

Server

Platform support is constantly updated. Contact PhenixID support to get the most accurate list of supported platforms.
Primarily PhenixID is installed on Windows or Linux servers.

Server installation

PhenixID Identity Manager will require a minimum of 5 GB of drive space and 2 GB of RAM. Depending on your configuration and usage this setup might be sufficient, but 4 GB of RAM is recommended for most installations. Please contact PhenixID support for larger installations.

Windows

  1. Double-click the name_of_installation_file to start installation.
  2. “Welcome to the PhenixID Identity Manager Setup Wizard” – click Next.
  3. “License Agreement” – Read the license agreement and select “I accept the agreement”, then click Next.
  4. “Select Destination Directory” – Click Browse to select installation location or accept the default location (C:\Program Files\PhenixID\IM\tomcat8-im), then click Next.
  5. “Select License File” – Click Browse to locate your license file, then click Next.
  6. “LDAP Settings”
    1. “Add LDAP configuration later” – Decide whether the LDAP configuration wizard should be used. These settings may be configured later in DSEditor.properties. If selected, go to step 7. “HTTP Server Port”.
    2. “DNS or IP-Address” – Enter the address for the LDAP server
    3. “Port” – Enter the LDAP port
    4. “SSL” – Select if SSL should be used
    5. “Service Account DN” – Enter the distinguished name for the LDAP Service account
    6. “Password” – Enter the password for the LDAP Service account
    7. “Base DN for Users” – Enter the Base DN for user accounts
    8. “Login attribute” – Enter the LDAP login attribute
    9. “User objectclass” – Enter the object class to use for authentication
    10. Click Next to finish the LDAP Settings
  7. “HTTP Server Port” – Enter the web server port number to use or accept the default value (80), then click Next.
  8. “Summary” – Install the selected configuration and accept the summary by clicking Next.
  9. “Windows service” – Select if a Windows service should be installed, then click Next.
  10. “Completing the PhenixID Identity Manager Setup Wizard” – Click Finish to end the Setup.

Linux – GUI

  1. chmod +x name_of_installation_file
  2. sudo ./name_of_installation_file to start installation.
  3. “Welcome to the PhenixID Identity Manager Setup Wizard” – click Next.
  4. “License Agreement” – Read the license agreement and select “I accept the agreement”, then click Next.
  5. “Select Destination Directory” – Click Browse to select installation location or accept the default location (/opt/PhenixID/IM/tomcat8-im), then click Next.
  6. “Select License File” – Click Browse to locate your license file or enter the path manually, then click Next.
  7. “LDAP Settings”
    1. “Add LDAP configuration later” – Decide whether the LDAP configuration wizard should be used. These settings may be configured later in DSEditor.properties. If selected, go to step 8. “HTTP Server Port”.
    2. “DNS or IP-Address” – Enter the address for the LDAP server
    3. “Port” – Enter the LDAP port
    4. “SSL” – Select if SSL should be used
    5. “Service Account DN” – Enter the distinguished name for the LDAP Service account
    6. “Password” – Enter the password for the LDAP Service account
    7. “Base DN for Users” – Enter the Base DN for user accounts
    8. “Login attribute” – Enter the LDAP login attribute
    9. “User objectclass” – Enter the object class to use for authentication
    10. Click Next to finish the LDAP Settings
  8. “HTTP server port” – Enter the desired port for the web server, then click Next.
  9. “Summary” – Install the selected configuration and accept the summary by clicking Next.
  10. “Completing the PhenixID Identity Manager Setup Wizard” – Click Finish to end the Setup.

Linux – CLI

  1. chmod +x name_of_installation_file
  2. sudo ./name_of_installation_file to start installation.
  3. “This will install PhenixID Identity Manager on your computer” – Press ENTER.
  4. “License Agreement” – Read the license agreement, scroll by pressing ENTER and select “I accept the agreement” by pressing 1 ENTER.
  5. “Where should PhenixID Identity Manager be installed?” – Enter path to installation location or accept the default location (/opt/PhenixID/IM/tomcat8-im), then press ENTER.
  6. “Select License File” – Enter the path to the Identity Manager license file, then press ENTER.
  7. “LDAP configuration”
    1. “Add LDAP configuration later” – Decide whether the LDAP configuration wizard should be used. These settings may be configured later in DSEditor.properties. Y ENTER or N ENTER. If Y ENTER, go to step 8. “HTTP Server Port”.
    2. “DNS or IP-Address” – Enter the address for the LDAP server, then press ENTER.
    3. “Port” – Enter the LDAP port, then press ENTER.
    4. “SSL” – press Y ENTER to use SSL, else press N ENTER.
    5. “Service Account DN” – Enter the distinguished name for the LDAP Service account, then press ENTER.
    6. “Password” – Enter the password for the LDAP Service account, then press ENTER.
    7. “Base DN for Users” – Enter the Base DN for user accounts, then press ENTER.
    8. “Login attribute” – Enter the LDAP login attribute, then press ENTER.
    9. “User objectclass” – Enter the object class to use for authentication, then press ENTER.
  8. “HTTP Server Port” – Enter the web server port number to use or accept the default value (80), then press ENTER.
  9. “Summary” – Complete the installation and accept the summary by pressing ENTER.

Post installation

Configure Roles

Identity Manager roles have to be configured in order to be used as desired. A sample setup called AD-Edition, with a few roles containing forms and pre-defined searches, may be requested through PhenixID support.

Startup

Windows

Make sure there is a license file in the license folder.
PhenixID Identity Manager may be started as a Windows service or as an application.
Locate the Windows service PhenixID Identity Manager and select Start, in order to start the service.
Run [installation path]\tomcat8-im\bin\startup.bat to startup PhenixID Identity Manager as an application.
The startup sequence can be verified in [installation path]\tomcat8-im\log\idmgmt.log.

Linux

Make sure there is a license file in the license folder.
Start [installation path]/tomcat8-im/bin/startup.sh to start the application.
The startup sequence can be verified in [installation path]/tomcat8-im/log/idmgmt.log.

Folder structure

After a successful installation, a folder structure is created under the location chosen during the installation process.

Key folders and their purpose are:

  • tomcat8-im
    • This is the PhenixID installation folder for Apache Tomcat.
  • bin
    • Contains startup scripts and configuration files for custom performance tuning.
      Please consult PhenixID support before changing anything in any file.
  • conf
    • This folder contains configuration xml-files.
    • The file called server.xml is stored here. This file contains information about the HTTP port that Tomcat listens on (usually 80 or 8080).
  • logs
    • Contains log files.
    • This is where Tomcat stores all log files. Interesting files here are idmgmt.log, localhost*.*. You also might find a file called stdout.log.
  • webapps
    • All the web applications for Tomcat are stored here, such as the Identity Manager web application phenixid.
    • phenixid
      • The Identity Manager web application
      • css
        • This folder stores the style sheets
      • images
        • All images except the template file are stored here.
      • js
        • JavaScript files used by IM are stored here
      • jsp
        • JSP files used by IM are stored here
      • WEB-INF
        • This is where the web.xml file is stored
        • classes
          • This folder contains class files for IM
        • lib
          • This folder contains jar files for IM
        • NEIDMgmt
          • This folder contains the DSEditor.properties file. This file is read during startup of the phenixid web application.
          • images
            • This is where the template file, which is used in a form, is stored.
          • language
            • The folder for the language files used by IM
          • license
            • license.dat is stored here.
          • roles
            • File-based roles are stored here if they are in use.
  • work
    • This folder is used for the phenixid work cache. In some scenarios all sub-folders could be deleted when restarting the service.
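
The folder structure above puts the web application's configuration (including the LDAP settings in DSEditor.properties) and the license file at fixed paths under the Tomcat directory. The following added example, which is not PhenixID code, checks those files on a Linux installation; the function names, the choice of files and the permission bits it flags are assumptions of this example, and the demonstration runs against a constructed temporary tree.

```python
import os
import stat
import tempfile

# Paths relative to the tomcat8-im directory, taken from the folder structure
# above. Which permission bits to flag is this example's assumption.
NEIDMGMT = "webapps/phenixid/WEB-INF/NEIDMgmt"
CHECKS = {
    "conf/server.xml": stat.S_IWOTH,
    "webapps/phenixid/WEB-INF/web.xml": stat.S_IWOTH,
    NEIDMGMT + "/DSEditor.properties": stat.S_IROTH | stat.S_IWOTH,
    NEIDMGMT + "/license/license.dat": stat.S_IWOTH,
}


def check_permissions(tomcat_dir):
    """Return (relative path, problem) for missing or over-permissive files."""
    problems = []
    for rel, forbidden in CHECKS.items():
        try:
            mode = stat.S_IMODE(os.stat(os.path.join(tomcat_dir, rel)).st_mode)
        except FileNotFoundError:
            problems.append((rel, "missing"))
            continue
        if mode & forbidden:
            problems.append((rel, "mode %03o is open to other users" % mode))
    return problems


def demo():
    """Run the check against a constructed tree (no real installation)."""
    modes = {"conf/server.xml": 0o640,
             "webapps/phenixid/WEB-INF/web.xml": 0o640,
             NEIDMGMT + "/DSEditor.properties": 0o644}  # license.dat left out
    with tempfile.TemporaryDirectory() as root:
        for rel, mode in modes.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
            os.chmod(path, mode)  # explicit, so the umask does not matter
        return check_permissions(root)


if __name__ == "__main__":
    for rel, problem in demo():
        print(rel + ": " + problem)
```

On an installed system, call check_permissions with the Tomcat directory chosen during installation instead of the constructed tree.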

File structure

Files of interest are:

  • web.xml
    • The web.xml Deployment Descriptor file describes how to deploy a web application in a servlet container such as Tomcat.
    • This file is required for every application you deploy on Tomcat. You will find one in the jsp-examples, servlet-examples and ROOT applications provided on a new Tomcat website, and every web application example you download, including inside WAR files.
    • The location of the file is always the same: application root/WEB-INF/web.xml
  • server.xml
    • The file contains most of the server configuration. In this file you can set the HTTP port that Tomcat will listen on.
  • DSEditor.properties
    • The DSEditor.properties file contains most of the /phenixid web app configuration
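
server.xml decides which ports Tomcat listens on, and the installer's default HTTP port is 80. The following added example, which is not PhenixID code, lists the Connector elements of a server.xml and flags cleartext HTTP and AJP listeners that are not bound to loopback; the sample file is constructed in the shape of a stock Tomcat server.xml, and the function name and finding texts are this example's own.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not taken from a PhenixID installation. Port 80 mirrors
# the installer default named in the installation steps.
SAMPLE_SERVER_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="80" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true" scheme="https" secure="true" />
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1" />
  </Service>
</Server>
"""

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def audit_connectors(server_xml_text):
    """Return one dict per <Connector>: port, kind, bind address, findings."""
    report = []
    for conn in ET.fromstring(server_xml_text.strip()).iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        address = conn.get("address")  # None: no explicit bind address
        if protocol.upper().startswith("AJP"):
            kind = "ajp"
        elif conn.get("SSLEnabled", "false").lower() == "true":
            kind = "https"
        else:
            kind = "http"
        findings = []
        if kind == "http" and address not in LOOPBACK:
            # Logins to the web application would cross the network unencrypted
            # unless a TLS-terminating proxy sits in front of Tomcat.
            findings.append("cleartext HTTP reachable from the network")
        if kind == "ajp" and address not in LOOPBACK:
            findings.append("AJP not explicitly bound to loopback")
        report.append({"port": int(conn.get("port", "0")), "kind": kind,
                       "address": address, "findings": findings})
    return report


if __name__ == "__main__":
    for c in audit_connectors(SAMPLE_SERVER_XML):
        print(c["port"], c["kind"], c["address"] or "(no address set)",
              "; ".join(c["findings"]) or "ok")
```

On an installed system, pass the contents of conf/server.xml from the Tomcat directory to audit_connectors.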

Backup / Restore

Identity Manager relies on the files and folders created during the installation process as well as the Identity Manager roles that might be located in this folder or in an LDAP directory.

Maintain a backup of the installation root directory to make sure the application is backed up. Also make sure all roles are backed up properly from disk or the LDAP directory. A recovery simply means replacing the current files and folders with the backup content as well as the roles. Replacing single files or directories should only be done if advised by PhenixID support.