Installing the first node for an HA cluster on an external Tomcat server

The following provides information and instructions for installing the first node for an HA cluster on an external Tomcat.

Before you begin

Before installing BMC Atrium Single Sign-On on the first node for an external Tomcat, make sure you have performed the tasks in Prerequisites for installation and the Before you begin section on Installing BMC Atrium Single Sign-On on an external Tomcat server.

To install BMC Atrium Single Sign-On on the first node for an external Tomcat

1. Run the installation program, autorun.
   If autorun does not automatically launch the appropriate file, launch the setup executable located in the Disk1 directory of the extracted files. This script automatically detects the appropriate subscript to execute.
   
   (Microsoft Windows ) Run setup.cmd
   (UNIX ) Run setup.sh
2. Accept the default destination directory, or browse to select a different directory, and click Next.
3. Enter the hostname if the provided name is incorrect and click Next.
4. Select Clustered Atrium SSO Server.
5. Select New Cluster Installation (First node), and click Next.

6. Enter a file name and location for storing the cluster configuration information and click Next.
   This cluster configuration file is needed when subsequent nodes are added to the cluster.

   Important

   This file contains sensitive information.

7. Enter the LDAP port and LDAP replication port, and click Next.
8. Enter the load balancer URL and click Next.

9. Click Use External Tomcat and click Next.

   Note

   The BMC Atrium Single Sign-On Tomcat server cannot be shared with any product that integrates with BMC Atrium Single Sign-On. BMC recommends that BMC Atrium Single Sign-On be the only application in the Tomcat server.

10. Enter the Tomcat server directory at the prompt and click Next.
11. At the Tomcat Application Server Selection panel, enter the path to the Tomcat server.
    After the path is entered, the installer verifies that:
    • The directory has a webapps directory that can be written to.
    • The main program, tomcat6.exe, is present (even on UNIX).
    • The server.xml file contains a Connector with port and secure defined and scheme set to https. The installer parses important information from this Connector entry and stores it.
      The installer deploys the BMC Atrium Single Sign-On web application to the Tomcat server, asking that you start or stop it when necessary.
12. Enter additional information at the prompts. Be prepared with information about:
    • JDK directory location
    • Tomcat server port
    • BMC Atrium Single Sign-On Truststore certificate location and password
    • BMC Atrium Single Sign-On Keystore password, alias, and certificate
    • BMC Atrium Single Sign-On cookie domain
    • BMC Atrium Single Sign-On administrator name and password
    • (Windows ) You will be asked whether your external Tomcat server is started using scripts or as a Windows service.
13. Stop the Tomcat server.
14. After installation is complete, follow the installer directions to restart the Tomcat server.
    The Tomcat server can now be used as the BMC Atrium Single Sign-On application server. If you make modification to the server configuration, be sure to test each change to ensure that the BMC Atrium Single Sign-On application continues to function correctly.
15. Replace the existing certificate with a Certificate Authority (CA) signed identity certificate.
16. Verify that your BMC Atrium Single Sign-On installation was successful:
    1. Launch the administrator console.
    2. Confirm that you can view the BMC Atrium Single Sign-On login panel.

Where to go from here

• Installing additional nodes for an HA cluster on a new Tomcat server or
• Installing additional nodes for an HA cluster on an external Tomcat server