Installing additional nodes for an HA cluster on a new Tomcat server

The following provides information and instructions for installing additional nodes for an HA cluster on a new Tomcat.

• • Before you begin
  • To install an addition node for an HA cluster on a new Tomcat
  • Where to go from here

Before you begin

• Install the first node for an HA cluster on a new Tomcat server.
• Obtain the zipped BMC Atrium Single Sign-On files from the BMC product package via Electronic Product Download (EPD) or the BMC Atrium Single Sign-On DVD for the additional nodes.
• If there is already an installation of BMC Atrium Single Sign-On on the target computer, the installer will not allow another installation. Uninstall the existing version.
• Ensure that the first node and all the additional nodes are running in the HA cluster.
• Prepare to run the installation program for your operating system.
   For example, you must update Terminal Services configuration options and configure the DEP feature if you are using Windows. For more information, see Configuring-Terminal-Services-and-DEP-parameters.

To install an addition node for an HA cluster on a new Tomcat

During subsequent node installations, previously installed nodes must be available so the newly added node can fully integrate into the cluster.

1. Ensure that all nodes are running and available.

2. Copy the cluster configuration file (created during the first node's installation) to the Disk1directory of the extracted files before installing BMC Atrium Single Sign-On on the node.

   Note

   The installation and configuration information of the first node is used when installing additional nodes.

3. Run the installation program.
    Launch the setup executable located in the Disk1directory of the extracted files.
   • (Microsoft Windows ) Run setup.cmd
   • (UNIX ) Run setup.sh
4. In the lower right corner of the Welcome panel, click Next.
5. Review the license agreement, click I agree to the terms of license agreement, and then click Next.
6. Accept the default destination directory or browse to select a different directory, and then click Next.
7. In the Host Name Information panel, verify that the hostname presented is the Fully Qualified Domain Name (FQDN) for the host, and then click Next.
    Correct the value as needed.
8. In the BMC Atrium SSO Server Cluster Options panel, perform the following actions:
   
   1. Select Clustered Atrium SSO Server.
   2. Select Add this node to an existing cluster.
   3. Click Next.
9. In the BMC Atrium SSO Cluster Configuration File Information panel, browse to the Disk1 directory where you copied the file, and then click Next.
10. Enter the LDAP port number (8091), LDAP replication port (8092), LDAP administration port (8093), and click Next.

11. Verify that Install New Tomcat is selected and click Next.

    Note

    The BMC Atrium Single Sign-On Tomcat server cannot be shared with any product that integrates with BMC Atrium Single Sign-On. BMC recommends that BMC Atrium Single Sign-On be the only application on the Tomcat server.

12. Accept the default Tomcat server HTTP port number (8080), HTTPS port number (8443), and Shutdown port number (8005), or enter different port numbers, and click Next.
     If any of the port numbers are incorrect, a pop-up menu identifies the incorrect port number and allows you to modify the selection.
13. Review the installation summary and click Install.
     After the second node has been successfully installed, additional nodes can be added to the cluster by using the file created during the first installation.
14. Verify that your BMC Atrium Single Sign-On installation was successful by accessing the BMC Atrium Single Sign-On URL.
    1. Navigate to Start > All Programs > BMC Software > BMC Atrium SSO > Administrator to launch the BMC Atrium SSO Admin Console .
        The URL to open the BMC Atrium SSO Admin Console is:
       https://<ssoServer>.<domain>:<port>/atriumsso/atsso/console/login/Login.html
        For example:
       https://ssoServer.bmc.com:8443/atriumsso/atsso/console/login/Login.html

    2. When you are prompted that you are connecting to an untrusted connection, add the exception and then continue.

       Note

       Browsers display this warning because you have not yet configured the SSO authentication as a trusted provider.

    3. Confirm that you can view the BMC Atrium Single Sign-On login panel.
    4. Log on with the SSO administrator name (for example, amadmin) and password.
        The BMC Atrium SSO Admin Console appears.
        (Click the image to expand it.)
       
15. Verify that your BMC Atrium Single Sign-On installation was successful by accessing the SSO load balancer.
     For example:
    https://ssoloadbalancer.bmc.com:8443/atriumsso
     The BMC Atrium SSO login screen appears. After you log on, your SSO servers appear in the HA Nodes List.
    
16. (Optional) Create an administrative user account for BMC Products to perform search functions on the user store (for example, to list user names and emails).
    • If you are using the BMC Atrium Single Sign-On server's internal LDAP, assign the BMCSearchAdmins group to the new user account.
    • If you are using an external system for authentication (such as AR System, LDAP, or Active Directory), assign the BmcSearchAdmins group to either an already existing user account or a new user account.

Where to go from here

• To install the AR System server, see Installing-or-upgrading-AR-System-server.
• To secure certificates with an external CA, see Installing-and-managing-certificates-in-BMC-Atrium-Single-Sign-On.
• To configure authentication, see Configuring-after-installation. For a specific authentication method, see the specific method. For example, for LDAP or Active Directory, see Using-LDAP-Active-Directory-for-authentication.