SungHoon_Kim

Creating an ALL-IN-ONE VM Image - Part 5

Blog Post created by SungHoon_Kim Employee on Nov 4, 2015

This is something I like to do once in a while. It takes a long time to set up everything, but to me it is a hobby. It is like putting together jigsaw puzzles.

 

WARNING: THIS IS NOT SUPPORTED! THIS IS ONLY TO FULFILL YOUR CURIOSITY AND SATISFY YOUR SPIRIT GOING AGAINST ALL ODDS. THIS IS NOT A DEMONSTRATION ALLOWING YOU TO RUN SUCH CONFIGURATION IN YOUR DEV/TEST/QA/PROD ENVIRONMENT.

 

The following components will be installed.

 

01. Install OS (Windows 2008 R2 - English)

02. Microsoft Loopback Adapter

03. Active Directory

04. DNS

05. IIS

06. Certificate Authority

07. MSSQL 2012

08. JDK 1.7.0_80 (32bit and 64bit)

09. NewAtlanta ServletExec 6.0

10. ASF Apache

11. CA Directory

12. Oracle Directory Server 11g

13. CA Single Sign-On Policy Server

14. CA Single Sign-On AdminUI

15. CA Single Sign-On Web Agent/Option Pack

16. CA Single Sign-On Secure Proxy Server

17. CABI 3.3

 

Some trivial steps are skipped such as installing the OS and promoting to a Domain Controller.

 

 

12. Oracle Directory Server 11g

 

Oracle Directory Server uses a web application to administer the server.

So you need an existing application server on which to deploy that application.

We already have New Atlanta ServletExec so we will be using that.

Otherwise, I usually use GlassFish.

 

 

  • Installation

Downloaded ofm_odsee_win_11.1.1.7.0_disk1_1of1.zip

If you extract the file, there is an "ODSEE_ZIP_Distribution" folder.

In that folder, there is "sun-dsee7.zip", which needs to be extracted.

After extraction, you will find the "dsee7" folder. This is the folder that has everything.

I am moving this to C:\ so the path will be "C:\dsee7".

 

 

  • Configuration

Open a command prompt and navigate to the "C:\dsee7\bin" folder.

 

C:\dsee7\bin> dsccsetup ads-create

 

You are asked to enter the password for Directory Service Manager. You will need to remember this for later use.

 

C:\dsee7\bin> dsccsetup war-file-create

This creates the dscc7.war file, which can be deployed.

 

C:\dsee7\bin> dsccagent create

Note the "DSCC agent" port number, 3997.

Also, note the Agent instance path "C:/dsee7/var/dcc/agent"

C:\dsee7\bin> dsccreg add-agent C:/dsee7/var/dcc/agent

 

Start up the DSCC Agent and ADS.

C:\dsee7\bin> dsccagent start

C:\dsee7\bin> dsadm start C:/dsee7/var/dcc/ads

 

The next time you reboot the machine, you will need to run the following commands to start up the required services.

 

C:\dsee7\bin> dsccagent start

C:\dsee7\bin> dsadm start C:/dsee7/var/dcc/ads

 

But this is going to be forgotten and cause frustration later.

So, it is better to register them as a service.

 

First, you must stop the dscc agent.

 

C:\dsee7\bin> dsccagent stop

 

Then register it as a service.

C:\dsee7\bin> dsccagent enable-service

 

Then you will find this in the service list as below.

 

 

You can now start it from the service list. Start it up now.

 

Then register the ADS instance as a service as well.

 

C:\dsee7\bin> dsadm enable-service C:/dsee7/var/dcc/ads

Start up the service now.

 

Now, all services will start up automatically.

You need to remember to do the same for the LDAP instances that you create.

 

 

  • Application Deployment

This section will be skipped at the moment.

This is because there is no compatible web application server installed on this machine yet.

From my testing, NewAtlanta ServletExec 6 is not compatible, so it will not be used.

 

For now, we will have to use the command line to set up and configure the instance.

 

Later on, when Secure Proxy Server is installed, I will try and see if this can be deployed on Tomcat.

 

 

  • Setup an Instance

 

C:\dsee7\bin> dsadm create -p 2389 -P 2636 C:/dsee7/ldapinstances/slapd-primary

C:\dsee7\bin> dsadm start C:/dsee7/ldapinstances/slapd-primary

C:\dsee7\bin> dsconf create-suffix --unsecured -p 2389 dc=sso,dc=lab

 

Start the service now.

You can also start it from the command line as below.

C:\dsee7\bin> dsadm start C:/dsee7/ldapinstances/slapd-primary

 

You will find that it is listening on all IP addresses.

 

C:\dsee7\bin> dsconf create-suffix --unsecured -p 2389 dc=sso,dc=lab

 

Use JXplorer to connect to this LDAP instance.

 

Host: cadir.sso.lab

Port: 2389

Base DN: dc=sso,dc=lab

Security Level : User + Password

User DN: cn=Directory Manager

Password: xxxxxxxx

 

Oracle LDAP instance is ready for use.
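
The listener check mentioned above can be scripted. The following is an added example, not part of the original post: it parses "netstat -ano" output and reports which of the ports used in this post (2389, 2636, 3997) are bound to all interfaces, and whether the non-SSL LDAP port is reachable off-host. The sample output, the PIDs and the function name audit_listeners are constructed for illustration.

```python
import re

# Ports taken from the post: LDAP 2389, LDAPS 2636, DSCC agent 3997.
PORTS = {2389: "LDAP (no SSL)", 2636: "LDAPS", 3997: "DSCC agent"}
WILDCARDS = {"0.0.0.0", "[::]"}      # "listening on all IP addresses"
LOOPBACK = {"127.0.0.1", "[::1]"}

# Constructed sample of `netstat -ano` output (addresses and PIDs are made up).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       712
  TCP    0.0.0.0:2389           0.0.0.0:0              LISTENING       4120
  TCP    0.0.0.0:2636           0.0.0.0:0              LISTENING       4120
  TCP    127.0.0.1:3997         0.0.0.0:0              LISTENING       3988
  TCP    192.168.1.10:2389      192.168.1.20:50211     ESTABLISHED     4120
  TCP    [::]:2389              [::]:0                 LISTENING       4120
"""

# Local address, local port and PID of a listening TCP socket.
LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")

def audit_listeners(netstat_text):
    """Return one finding per listening socket on a port from PORTS."""
    findings = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header, UDP, or a non-listening connection
        addr, port, pid = m.group(1), int(m.group(2)), int(m.group(3))
        if port not in PORTS:
            continue
        findings.append({
            "port": port, "service": PORTS[port], "address": addr, "pid": pid,
            "all_interfaces": addr in WILDCARDS,
            # A simple bind on the non-SSL port sends the Directory Manager
            # password unencrypted, so flag it when it is not loopback-only.
            "cleartext_exposed": port == 2389 and addr not in LOOPBACK,
        })
    return findings

if __name__ == "__main__":
    for hit in audit_listeners(SAMPLE):
        scope = "ALL INTERFACES" if hit["all_interfaces"] else "specific address"
        warn = "  <-- unencrypted bind reachable off-host" if hit["cleartext_exposed"] else ""
        print(f"{hit['port']:>5} {hit['service']:<14} {hit['address']:<12} "
              f"pid={hit['pid']} {scope}{warn}")
```

On the VM itself, save the output of netstat -ano to a file and pass its contents to audit_listeners instead of SAMPLE.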

 

 

  • Create sample objects

Right-click on the base DN and select "New".

Create "OU=People" under "dc=sso,dc=lab"

 

Create "user1" using the "inetOrgPerson" objectclass and place it under OU=People.

Detailed steps are skipped, as they were demonstrated during the CA Directory setup.

 

This concludes Part 5 of ALL IN ONE Image.
