Install DS as an IDM Repository

  1. Before proceeding, install the server files.
    For details, see Unpack Files.

  2. Run the setup command with the --profile idm-repo option:

    $ /path/to/opendj/setup \
     --deploymentKey $DEPLOYMENT_KEY \
     --deploymentKeyPassword password \
     --rootUserDN uid=admin \
     --rootUserPassword str0ngAdm1nPa55word \
     --hostname localhost \
     --adminConnectorPort 34444 \
     --ldapPort 31389 \
     --enableStartTls \
     --profile idm-repo \
     --set idm-repo/domain:forgerock.com \
     --acceptLicense

    • The deployment key for installing the server is stored in the environment variable DEPLOYMENT_KEY. Install all servers in the same deployment with the same deployment key and deployment key password. For details, read Key Management.

    • The administrative account to use in IDM when connecting to DS has:

      • Bind DN: The DN set with the --rootUserDN option.

      • Password: The password set with the --rootUserPassword option.

    • The base DN for IDM data is dc=openidm,dc=forgerock,dc=com.

    • IDM requires change number indexing with the default settings.

    For the full list of profiles and parameters, see Default Setup Profiles.

  3. Finish configuring the server before you start it.

    For a list of optional steps at this stage, see Install DS for Custom Cases.

  4. If all access to DS goes through IDM, IDM manages password policy.

    In this case, relax the default password policy settings by resetting the password validators on both policies:

    $ dsconfig \
     set-password-policy-prop \
     --policy-name "Default Password Policy" \
     --reset password-validator \
     --offline \
     --no-prompt
    
    $ dsconfig \
     set-password-policy-prop \
     --policy-name "Root Password Policy" \
     --reset password-validator \
     --offline \
     --no-prompt

  5. Start the server:

    $ /path/to/opendj/bin/start-ds
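
The following pre-flight check for the values passed to setup in step 2 is an added example, not part of the DS documentation or tooling. The function names idm_base_dn, valid_port and preflight are hypothetical; the script assumes the idm-repo profile builds the base DN by prefixing dc=openidm to one dc component per domain label, as in the forgerock.com case above.

```shell
#!/bin/sh
# Added example: pre-flight checks for the setup values in step 2.
# Function names are hypothetical; nothing here is shipped with DS.

# Translate an idm-repo/domain value into the base DN for IDM data:
# dc=openidm followed by one dc component per domain label.
# Rejects empty input, stray dots, and any character outside
# letters, digits, '.' and '-' so DN metacharacters never reach setup.
idm_base_dn() {
    case $1 in
        ''|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    printf 'dc=openidm,dc=%s\n' "$(printf '%s' "$1" | sed 's/\./,dc=/g')"
}

# Succeeds when the argument is a TCP port number (1-65535).
valid_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Usage: preflight DOMAIN ADMIN_PORT LDAP_PORT
# Prints the base DN to configure in IDM, or an error on stderr.
preflight() {
    pf_domain=$1 pf_admin=$2 pf_ldap=$3
    [ -n "${DEPLOYMENT_KEY:-}" ] ||
        { echo "DEPLOYMENT_KEY is not set" >&2; return 1; }
    valid_port "$pf_admin" && valid_port "$pf_ldap" ||
        { echo "ports must be numbers in 1-65535" >&2; return 1; }
    [ "$pf_admin" -ne "$pf_ldap" ] ||
        { echo "admin connector and LDAP ports must differ" >&2; return 1; }
    idm_base_dn "$pf_domain" ||
        { echo "invalid domain: $pf_domain" >&2; return 1; }
}
```

Source the script and call preflight forgerock.com 34444 31389 before running setup; the DN it prints is the base DN to use for IDM data.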