Page 2
Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Page 3
Novell Trademarks For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/ trademarks/tmlist.html). Third-Party Materials All third-party trademarks are the property of their respective owners.
(>) is used to separate actions within a step and items in a cross-reference path. ® A trademark symbol ( , etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. About This Guide...
Page 8
When a single pathname can be written with a backslash for some platforms or a forward slash for other platforms, the pathname is presented with a backslash. Users of platforms that require a forward slash, such as Linux* or UNIX*, should use forward slashes as required by your software. Novell Access Manager 3.1 SP1 Quick Starts...
Section 1.4, “Linux Access Gateway,” on page 11 Section 1.5, “Verifying the Installation,” on page 11 1.1 System Requirements Review the following sections in the Novell Access Manager 3.1 SP1 Installation Guide to ensure that your machines or virtual images meet the installation prerequisites: “Administration Console Requirements”...
For software download instructions, see the “Novell Access Manager Readme” (http:// www.novell.com/documentation/novellaccessmanager31/readme/ accessmanager_readme.html). 2 Select to install the Novell Access Manager Administration component. 3 Answer yes to the primary installation prompt. 1.3 Identity Server What you need to know Username and password of the Access Manager administrator.
For software download instructions, see the “Novell Access Manager Readme” (http:// www.novell.com/documentation/novellaccessmanager31/readme/ accessmanager_readme.html). 2 Select to install the Novell Identity Server component. 1.4 Linux Access Gateway What you need to know Username and password of the Access Manager administrator. IP address of the Administration Console.
Page 12
4 Before continuing with configuration, verify the following: Use the command to verify that the DNS names for the Identity Server and the ping Access Gateway are resolvable. Make sure time is synchronized among your components. Novell Access Manager 3.1 SP1 Quick Starts...
Configuration Quick Start A basic configuration has three Access Manager components (an Administration Console, an Identity Server, and an Access Gateway), an LDAP server, and Web servers with applications and data. Figure 2-1 illustrates a configuration where these components are installed on separate machines.
Page 14
Access Manager Display name: Access Manager 3 URL: ipda.am3sp3.com Table 2-1, these three fields are the organization information you created for the Identity Server cluster. 6 Click Next, then configure the user store: Novell Access Manager 3.1 SP1 Quick Starts...
Page 15
Name: User Store Table 2-1, is the user store name you created. User Store Admin name: cn=admin,o=novell Table 2-1, this is the DN of the administrator for the LDAP server. Admin password: novell Confirm password: novell Table 2-1, these fields are the password for the administrator of the LDAP server.
Web Server IP Address: 10.10.16.16 Table 2-2, this is the IP address of the Web server. Host Header: Select the Web Server Host Name from the drop-down list. Web Server Host Name: digital.test.novell.com Novell Access Manager 3.1 SP1 Quick Starts...
Verify that the Access Gateway can resolve the DNS name of the Identity Server. For other problems, see “Monitoring the Health of an Access Gateway” in the Novell Access Manager 3.1 SP1 Access Gateway Guide. 8 Click the Identity Servers task, then click Update.
Page 18
The Access Gateway can resolve the DNS name of the Identity Server. Time is synchronized between the Identity Server and the Access Gateway. For other problems, see “General Authentication Troubleshooting Tips” in the Novell Access Manager 3.1 SP1 Identity Server Guide. Novell Access Manager 3.1 SP1 Quick Starts...
The following procedures assume that you want to set up a new system using certificates created by the Access Manager Certificate Authority. To modify an existing system to use SSL, see “Enabling Communication” in the Novell Access Manager 3.1 SP1 Setup Guide. To use certificates signed by an external CA, see “Using Externally Signed Certificates”...
Page 20
4 Configure the Base URL of the Identity Server, using the DNS name of the Identity Server: https://idpa.test.novell.com:8443/nidp 5 On the SSL Certificate line, click the Select Certificate icon, then click Replace. 6 In the Replace box, click the Select Certificate icon. Novell Access Manager 3.1 SP1 Quick Starts...
Page 21
Valid from: Accept the default. Months valid: Accept the default. Key size: Accept the default. 10 Click the Edit icon on the Subject line. 11 Fill in the following fields: Common name: idpa.test.novell.com Organizational unit: o=novell Organization: test City or town:...
For more information, see “Configuring the Access Gateway” in the Novell Access Manager 3.1 SP1 Setup Guide. 1 In the Administration Console, click the Access Gateways task. 2 Click Edit, then click Reverse Proxy/Authentication. Novell Access Manager 3.1 SP1 Quick Starts...
Page 23
4 To configure a proxy service, click New in the Proxy Service section, then fill in the following fields: Proxy Service Name: Published DNS Name: lag.test.novell.com Web Server IP Address: 10.10.16.16 Host Header: Select the Web Server Host Name from the drop-down list.
Page 24
The first page of the Web server is displayed. If you get an error, verify the following: Check the times on the Access Gateway and the Identity Server. Their times need to be synchronized. Verify that the browser machine can resolve the DNS name of the Access Gateway. Novell Access Manager 3.1 SP1 Quick Starts...