4.3 Installing Access Gateway Service

IMPORTANT:Because of library update conflicts, you cannot install Access Manager on a Linux User Management machine.

4.3.1 Prerequisites for Installing Access Gateway Service

  • Ensure that the system meets the requirements for installing Access Gateway. For information about the requirements, see NetIQ Access Manager System Requirements.

  • An Administration Console is installed. See Installing Administration Console.

  • An Identity Server is installed and configured. See Installing Identity Server

  • Verify that the time on the machine is synchronized with the time on Administration Console. If the times differ, Access Gateway Service does not import into Administration Console.

  • If a firewall separates the machine and Administration Console, ensure that the required ports are opened. See Table 1-3.

  • Because Access Gateway Service runs as a service, the default ports (80 and 443) that Access Gateway Service uses might conflict with the ports of other services running on the machine. If there is a conflict, you need to decide which ports each service can use.

  • (Conditional) For SUSE Linux Enterprise Server (SLES). Ensure that the following rpms or higher versions are installed:

    • rsyslog-module-gtls-5.10.1-0.7.49

    • rsyslog-5.10.1-0.7.49

    • binutils 2.23.1-0.17.18

    • glibc-32bit

      NOTE:Install the insserv-compat package for SLES installation.

      IMPORTANT:

      • SLES installation libraries may be distributed across multiple CDs or DVDs. In YaST > Software > Software Repositories select the required CD or DVD to install the rpm files. If the rpm files are not available on the SLES server, the Access Manager installation process takes care of installing these rpm files from the SLES repository.

      • To search if an rpm is installed, use rpm -qa | grep <rpm name>. For example, rpm - qa | grep libapr-util.

  • (Conditional) For installing the RHEL packages manually, see Section 6.0, Installing Packages and Dependent RPMs on RHEL for Access Manager.

    NOTE:You can select to install these RPMs automatically along with Access Manager installation. While installing Access Manager, specify N when you get the following prompt:

    Enter the local mount directory if you have the OS ISO mounted locally. This will be used as the local catalog for the additional rpms.
    Do you have a locally mounted ISO (y/n)?

    The Access Manager installer checks the online catalog and then installs the required RPMs automatically.

  • 2 to10 GB hard disk space per reverse proxy that requires caching and for log files. The amount varies with rollover options and logging level that you configure.

  • If you have custom partitioned your hard disk as follows, ensure that the free disk space mentioned against each partition is available:

    Partition

    Disk Space

    /opt/novell

    1 GB

    /opt/volera

    5 MB

    /var/opt/novell

    1 GB

    /var

    512 MB

    /usr

    25 MB

    /etc

    1 MB

    /tmp/novell_access_manager

    10 MB

    /tmp

    10 MB

    /

    512 MB

    NOTE:These are the minimum free disk spaces that must be available before installation or upgrade. However, it is recommended to maintain more than the specified free disk space based on the requirement of your production environment.

  • A static IP address and a DNS name. The ActiveMQ module of Access Gateway Service must be able to resolve the machine’s IP address to a DNS name. If the module can’t resolve the IP address, the module does not start.

  • Other Access Manager components should not be installed on the same machine.

For information about network requirements, see Section 1.3, Network Requirements.

NOTE:Access Gateway Service clustering is supported for devices that are on the same operating system.

4.3.2 Installation Procedure

You must install Access Gateway Service on a separate machine.

Installation time: about 10 minutes.

What you need to know

  • Username and password of the administrator.

  • IP address of Administration Console.

  1. Log in to the Micro Focus Customer Center and follow the link that allows you to download software.

  2. Copy the file to your machine.

    For the filename, see the release-specific Release Notes.

  3. Prepare your machine for installation:

    Make your operating system installation media available.

    The installation program checks for Apache dependencies and installs any missing packages.

  4. Start installation by running the following script:

    ./ag_install.sh

  5. Review and accept the License Agreement.

  6. (Optional) Specify the local NAT IP address if the local NAT is available for Access Gateway.

  7. Specify the IP address, user ID, and password of the primary Administration Console.

  8. Specify the IP address of Access Gateway.

  9. Continue with one of the following sections:

IMPORTANT:(Applicable for RHEL) When you configure more than 60 proxy services, Apache fails to start. RHEL has 128 semaphore arrays by default which is inadequate for more than 60 proxy services. Apache 2.4 requires a semaphore array for each proxy service.

You must increase the number of semaphore arrays depending on the number of proxy services you are going to use. Perform the following steps to increase the number of semaphore arrays to the recommended value:

  1. Open /etc/sysctl.conf

  2. Add kernel.sem = 250 256000 100 1024

    This creates the following:

    Maximum number of arrays = 1024 (number of proxy services x 2)

    Maximum semaphores per array = 250

    Maximum semaphores system wide = 256000 (Maximum number of arrays x Maximum semaphores per array)

    Maximum ops per semop call = 100

  3. Use command sysctl -p to update the changes.

  4. Start Apache.