Entrust®

IdentityGuard 8.1

Database Configuration Guide

Document issue: 1.0

Date of Issue: June 2006

 Copyright © 2006 Entrust. All rights reserved.

Entrust is a trademark or a registered trademark of Entrust,

Inc. in certain countries. All Entrust product names and
logos are trademarks or registered trademarks of Entrust,
Inc. in certain countries. All other company and product
names and logos are trademarks or registered trademarks
of their respective owners in certain countries.

This information is subject to change as Entrust reserves

the right to, without notice, make changes to its products
as progress in engineering or manufacturing methods or
circumstances may warrant.

Export and/or import of cryptographic products may be

restricted by various regulations in various countries.
Export and/or import permits may be required.

2 Entrust IdentityGuard 8.1 Database Configuration Guide

Table of contents
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
About Entrust IdentityGuard ........................................... 4
Database considerations .............................................. 5
Setting up the JDBC driver ......................................... 5
Estimating database size ........................................... 5
Backing up the database .......................................... 6
Documentation conventions ........................................... 7
Note and Attention text ........................................... 7
Related documentation ............................................... 8
Obtaining documentation ............................................. 9
Documentation feedback .......................................... 9
Obtaining technical assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Technical support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Professional Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

CHAPTER 1
Configuring a DB2 database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Setting up the DB2 database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Preparing the DB2 database for installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Installing the Entrust IdentityGuard schema file for DB2 . . . . . . . . . . . . . . . . . . 14
Installing the JDBC driver files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Gathering your configuration data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

CHAPTER 2
Configuring an SQL Server database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Setting up the SQL Server database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Preparing the SQL Server database for installation . . . . . . . . . . . . . . . . . . . . . . 18
Installing the Entrust IdentityGuard schema file for SQL Server . . . . . . . . . . . . 18
Installing the JDBC driver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
 Gathering your configuration data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

CHAPTER 3
Configuring an Oracle database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Setting up the Oracle database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Preparing the Oracle database for installation . . . . . . . . . . . . . . . . . . . . . . . . . 22
Installing the Entrust IdentityGuard schema file for Oracle . . . . . . . . . . . . . . . . 23
Installing the JDBC driver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Gathering your configuration data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

2 Entrust IdentityGuard 8.1 Database Configuration Guide Document issue: 1.0

About this guide

This guide provides an overview of how to configure Entrust IdentityGuard 8.1 to

operate with the IBM DB2 Universal database, Microsoft SQL Server, and Oracle
database.
This chapter includes the following sections:
• “About Entrust IdentityGuard” on page 4
• “Database considerations” on page 5
• “Documentation conventions” on page 7
• “Related documentation” on page 8
• “Obtaining documentation” on page 9
• “Obtaining technical assistance” on page 10

3
 About Entrust IdentityGuard
Installing Entrust IdentityGuard 8.1 allows you to add the benefits of multifactor
authentication to your primary authentication method.
Entrust IdentityGuard 8.1 provides multifactor authentication to help organizations
counter identity theft by making it more difficult for attackers to steal users’ online
identities. It addresses the real-world demands for strong authentication, making it
easier to use while helping to reduce deployment and management costs.

Note: You must follow the instructions in this guide before you install Entrust
IdentityGuard. For information about installing and configuring Entrust
IdentityGuard 8.1, refer to the Entrust IdentityGuard Installation and Guide.

4 Entrust IdentityGuard 8.1 Database Configuration Guide Document issue: 1.0

Feedback on guide
Database considerations
This section provides information that applies to all databases supported by Entrust
IdentityGuard:
• “Setting up the JDBC driver” on page 5
• “Estimating database size” on page 5
• “Backing up the database” on page 6

Setting up the JDBC driver

Entrust IdentityGuard communicates with the database using Java database
connectivity (JDBC), which is a standard SQL database interface.
Keep these points in mind when setting up JDBC:
• Make sure you obtain and install the appropriate version of the JDBC driver
that supports connectivity to your Entrust IdentityGuard database.
• Install the driver in a location on the Entrust IdentityGuard Server so that
Entrust IdentityGuard can find the JAR files during configuration.
• Take note of that location, as you must provide it when you configure Entrust
IdentityGuard later.

Estimating database size

No two databases will be the same. The number of policies, groups, administrators
and users will vary as will the attributes assigned to each and the authentication
methods used.
You can calculate the approximate disk space requirements of your Entrust
IdentityGuard database using the applicable values below.

Table 1: Database disk space

Information Table names Data requirement

type

Global policy globalpolicy 0.5 KB.

Policies policy, 2.5 KB per policy spread across the five tables.
policy_cardspec,
policy_passwordpolicy
policy_temppinspec,
policy_userspec

Roles roles 1.5 KB per role.

About this guide 5

Feedback on guide
 Table 1: Database disk space

Information Table names Data requirement

type

Groups groups 0.5 KB per group.

Group Lists grouplists 0.5 KB per group list.

Users users, cards, tokens,
aliases, challenges
1.5 KB minimum per user with one 5 by 10
card, one temporary PIN and one alias. Most
data is in the users table. Other tables contain
index entries.
0.5 KB per user for each additional 5 by 10
card.
0.5 KB per user if tokens are used.
0.5 KB per user when card usage tracking is
enabled (for example, least used challenge).
More space is needed for comment
attributes, extra aliases, and
knowledge-based authentication.
Up to 1 MB per user (controlled by policy)
when authentication secrets are included.

Administrators admin, admin_role, 0.5 KB per administrator. Most data is in the

admin_grouplist admin table. Other tables contain index
entries.

Preproduction preproduced_cards 0.5 KB per preproduced card.

cards

Unassigned unassigned_tokens 0.5 KB per unassigned token.

tokens

For information on creating policies, groups, group lists, administrators and users,
refer to the Entrust IdentityGuard Administration Guide.

Backing up the database

Your database stores all your Entrust IdentityGuard user, card, token, and PIN data.
Without backup, any database failure can result in the loss of user information. This
might require that you reissue Entrust IdentityGuard cards or tokens.

Attention: Back up your database on a regular basis.

6 Entrust IdentityGuard 8.1 Database Configuration Guide Document issue: 1.0

Feedback on guide
Documentation conventions
Following are typographic conventions which may appear in this guide:

Table 2: Typographic conventions

Convention Purpose Example

Bold text Indicates graphical user Click Next.
(other than interface elements and
headings) wizards.
Italicized text Used for book or Entrust TruePass 7.0 Deployment Guide
document titles.
Blue text Used for hyperlinks to Entrust TruePass supports the use of many types
other sections in the of digital ID.
document.
Underlined blue Used for Web links. For more information, visit our Web site at
text www.entrust.com.
Courier type Indicates installation Use the entrust-configuration.xml file
paths, file names, to change certain options for Verification Server.
Windows registry keys,
commands, and text you
must enter.
Angle brackets Indicates variables (text By default, the entrust.ini file is located in
you must replace with <install_path>/conf/security/entrust.
<>
your organization’s ini.
correct values).
Square brackets Indicates optional dsa passwd [-ldap]
parameters.
[courier type]

Note and Attention text

Throughout this guide there are paragraphs set off by ruled lines above and
below the text. These paragraphs provide key information with two levels of
importance, as shown below.

Note: Information to help you maximize the benefits of your Entrust product.

Attention: Issues that, if ignored, may seriously affect performance, security, or

the operation of your Entrust product.

About this guide 7

Feedback on guide
 Related documentation
Entrust IdentityGuard is supported by a complete documentation suite:
• For instructions on installing and configuring Entrust IdentityGuard Server,
see the Entrust IdentityGuard Installation Guide.
• For instructions on administering Entrust IdentityGuard users and groups, see
the Entrust IdentityGuard Administration Guide.
• For information on deploying Entrust IdentityGuard, refer to the Entrust
IdentityGuard Deployment Guide.
• For information on configuring Entrust IdentityGuard to work with a
supported LDAP repository – Active Directory, Active Directory Application
Mode, Critical Path InJoin Directory, IBM Tivoli Directory, Novell eDirectory,
or Sun ONE Directory – see the Entrust IdentityGuard Directory
Configuration Guide.
• For information on configuring Entrust IdentityGuard to work with a
supported database – IBM DB2 Universal Database, Microsoft SQL Server, or
Oracle Database – see the Entrust IdentityGuard Database Configuration
Guide.
• For information on Entrust IdentityGuard error messages, see the Entrust
IdentityGuard Error Messages.
• For information on new features, limitations and known issues in the latest
release, see the Entrust IdentityGuard Release Notes.
• For information on integrating the authentication and administration
processes of your applications with Entrust IdentityGuard, see the Entrust
IdentityGuard Programming Guide that applies to your development
platform (either Java Platform or C#).
• For Entrust IdentityGuard product information and a data sheet, go to
http://www.entrust.com/strong-authentication/identityguard/index.htm.
• For information on identity theft protection seminars, go to
http://www.entrust.com/events/identityguard.htm.

8 Entrust IdentityGuard 8.1 Database Configuration Guide Document issue: 1.0

Feedback on guide
Obtaining documentation
Entrust product documentation, white papers, technical integration guides, technical
notes, and a comprehensive Knowledge Base are available through Entrust
TrustedCare Online. If you are registered for our support programs, you can use our
Web-based Entrust TrustedCare Online support services at:
https://www.entrust.com/trustedcare

Documentation feedback
You can rate and provide feedback about Entrust product documentation by
completing the online feedback form. You can access this form by
• clicking the Feedback on guide link located in the footer of Entrust’s PDF
documents (see bottom of this page).
• following this link: http://www.entrust.com/products/feedback/index.cfm
Feedback concerning documentation can also be directed to the Customer Support
email address:
support@entrust.com

About this guide 9

Feedback on guide
 Obtaining technical assistance
Entrust recognizes the importance of providing quick and easy access to our support
resources. The following subsections provide details about the technical support and
professional services available to you.

Technical support
Entrust offers a variety of technical support programs to help you keep Entrust
products up and running. To learn more about the full range of Entrust technical
support services, visit our Web site at:
http://www.entrust.com/
If you are registered for our support programs, you can use our Web-based support
services.
Entrust TrustedCare Online offers technical resources including Entrust product
documentation, white papers and technical notes, and a comprehensive Knowledge
Base at:
https://www.entrust.com/trustedcare
If you contact Entrust Customer Support, please provide as much of the following
information as possible:
• your contact information
• product name, version, and operating system information
• your deployment scenario
• description of the problem
• copy of log files containing error messages
• description of conditions under which the error occurred
• description of troubleshooting activities you have already performed

Telephone numbers
For support assistance by telephone call one of the numbers below:
• 1-877-754-7878 in North America
• 1-613-270-3700 outside North America

Email address
The email address for Customer Support is:
support@entrust.com

10 Entrust IdentityGuard 8.1 Database Configuration Guide Document issue: 1.0

Feedback on guide
Professional Services
The Entrust team assists e-businesses around the world to deploy and maintain secure
transactions and communications with their partners, customers, suppliers and
employees. We offer a full range of professional services to deploy our e-business
solutions successfully for wired and wireless networks, including planning and design,
installation, system integration, deployment support, and custom software
development.
Whether you choose to operate your Entrust solution in-house or subscribe to hosted
services, Entrust Professional Services will design and implement the right solution for
your e-business needs. For more information about Entrust Professional Services
please visit our Web site at:
http://www.entrust.com

About this guide 11

Feedback on guide
12 Entrust IdentityGuard 8.1 Database Configuration Guide Document issue: 1.0
Feedback on guide
Chapter 1

Configuring a DB2 database

The DB2 database administrator must be involved in planning and carrying out
specific tasks in order to configure Entrust IdentityGuard 8.1 to work with a DB2
database.
This chapter includes the following sections:
• “Setting up the DB2 database” on page 14.
• “Gathering your configuration data” on page 16.

13
 Setting up the DB2 database
Before you install Entrust IdentityGuard, you must prepare the DB2 database.
This section includes:
• “Preparing the DB2 database for installation” on page 14
• “Installing the Entrust IdentityGuard schema file for DB2” on page 14
• “Installing the JDBC driver files” on page 15
Remember to complete the procedures in this chapter before you install Entrust
IdentityGuard.

Note: When preparing a DB2 database for Entrust IdentityGuard, keep in mind
the languages that you need to support. For international English or non-English
environments, consult your DB2 documentation for more information on setting
the language variable.

Preparing the DB2 database for installation

Create a separate database for Entrust IdentityGuard data. Make sure it has the
correct language setting. Here’s one example:
db2 create database entrust using codeset UTF-8 TERRITORY US
Also create a database user login account for use by Entrust IdentityGuard. You
should provide sufficient privileges so that this user can administer and own the
Entrust IdentityGuard database schema and data, including the database tables.

Installing the Entrust IdentityGuard schema

file for DB2
Once you prepare the database, create the Entrust IdentityGuard database tables
using the SQL command files included in the Entrust IdentityGuard installation
package.
Extract the applicable archive file for your operating system. Refer to the Entrust
IdentityGuard Installation Guide for details.
The schema files for DB2 are available under the IG_81/sql directory included with
the Entrust IdentityGuard installation package. You can access them without having
to install Entrust IdentityGuard. Run the applicable schema file as the newly created
Entrust IdentityGuard database user.
There are three schema files to choose from:

14 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

Feedback on guide
 • If you are installing a new version of Entrust IdentityGuard, use the file
db2_v81_schema.sql.
• If you are upgrading from Entrust IdentityGuard 8.0, use the file
db2_v80_to_v81_upgrade.sql.
• If you are upgrading from Entrust IdentityGuard 7.2, use the file
db2_v7x_to_v81_upgrade.sql.
Before you run the selected schema file, you must edit it for your installation.

To edit and run the SQL file

1 Copy the schema file to a working directory on the database server.
2 Open the schema file in an editor and insert lines like the following at the top of
the file:
connect to <igdb> user <igadmin> using <igpass>;
set schema <schemaname>;
Where:
• igdb is the name of the DB2 database created for Entrust IdentityGuard
• igadmin is the Entrust IdentityGuard database user
• igpass is the Entrust IdentityGuard database password
• schemaname is name of the schema
3 Save and run the copied schema file on the database server. Here’s an example
using the DB2 command:
db2 -tf <schema-file>
Where:
• schema-file is the full path name of the schema file you edited

Installing the JDBC driver files

Locate the correct JDBC driver files. These are provided with your database software
or from a 3rd-party vendor.
Entrust IdentityGuard supports DB2 using the DB2 JDBC universal driver files
(db2jcc.jar, db2jcc_javax.jar, and db2jcc_license_cu.jar). This is a
platform-independent, type-4 driver that uses Java to connect directly to DB2. It is a
two-tier, pure Java JDBC driver that allows a Java client to communicate with DB2
servers using the DRDA protocol. The driver does not require you to have DB2 client
software installed.
Place the JAR files in a location on the Entrust IdentityGuard Server where the person
installing Entrust IdentityGuard can find them during configuration.

Configuring a DB2 database 15

Feedback on guide
 Gathering your configuration data
You can now install Entrust IdentityGuard. This section describes how to prepare for
this installation. Refer to the Entrust IdentityGuard Installation Guide for complete
installation instructions.
As part of the Entrust IdentityGuard installation procedure, the installer will present
questions or options about the database and JDBC files. Make a note of the
information requirements in the following table.

Table 3: Configuration data

Configuration data Description

JDBC driver JAR file names
You will be asked for the names of the JDBC files during
installation. They are: db2jcc.jar, db2jcc_javax.jar,
and db2jcc_license_cu.jar. Enter db2jcc.jar first. (In
the Windows installer, enter the other two JAR files as
additional files.)

JDBC driver class name You will be asked for the JDBC driver class you are using. It
is: com.ibm.db2.jcc.DB2Driver.

Database URL Each JDBC driver defines its own syntax for the URL. Consult
the driver documentation for details. For the DB2 type-4
driver, the URL will look like this:
jdbc:db2://<dbhost>:<dbport>/<mydbname>
Where:
• dbhost is the name of the server that hosts the DB2
database
• dbport is the port number the database server listens to
• mydbname is the name of the database created for
Entrust IdentityGuard

DB2 database user Provide the name or ID of the account through which Entrust
IdentityGuard logs in and accesses your DB2 database.
Entrust IdentityGuard uses this name together with the
database user password to log in to your database.

DB2 database user password Specify the password assigned to the DB2 database user.
Entrust IdentityGuard uses this password together with the
database user to log in to your database.

DB2 database schema name This is the name used when you edited the Entrust
IdentityGuard SQL schema file.

16 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

Feedback on guide
Chapter 2

Configuring an SQL Server

database

The SQL Server database administrator must be involved in planning and carrying out
specific tasks in order to configure Entrust IdentityGuard 8.1 to work with a SQL
Server database.
This chapter includes the following sections:
• “Setting up the SQL Server database” on page 18.
• “Gathering your configuration data” on page 20.

17
 Setting up the SQL Server database
Before you install Entrust IdentityGuard, you must prepare the SQL Server database.
This section includes:
• “Preparing the SQL Server database for installation” on page 18
• “Installing the Entrust IdentityGuard schema file for SQL Server” on page 18
• “Installing the JDBC driver” on page 19
Remember to complete the procedures in this configuration guide before you install
Entrust IdentityGuard.

Note: When preparing an SQL Server database for Entrust IdentityGuard, keep
in mind the languages that you need to support. For international English or
non-English environments, consult your SQL Server documentation for more
information on setting the language variable.

Preparing the SQL Server database for

installation
Create a separate database for Entrust IdentityGuard data.
Also create an SQL Server database user login account for use by Entrust
IdentityGuard. You should provide sufficient privileges so that this user can administer
and own the Entrust IdentityGuard database schema and data, including the
database tables.

Installing the Entrust IdentityGuard schema

file for SQL Server
Once you prepare the database, create the Entrust IdentityGuard database tables
using the applicable command file included in the Entrust IdentityGuard installation
package.
Extract the applicable archive file for your operating system. Refer to the Entrust
IdentityGuard Installation Guide for details.
The schema files for SQL Server are available under the IG_81/sql directory
included with the Entrust IdentityGuard installation package. You can access them
without having to install Entrust IdentityGuard. Run the applicable schema file as the
newly created Entrust IdentityGuard database user.
There are two schema files to choose from:

18 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

Feedback on guide
 • If you are installing a new version of Entrust IdentityGuard, use the file
sqlserver_v81_schema.sql.
• If you are upgrading from Entrust IdentityGuard 8.0, use the file
sqlserver_v80_to_v81_upgrade.sql.
Before you run the schema file, you must edit it for your installation.

To edit and run the SQL file

1 Copy the applicable schema file to a working directory on the database server.
2 Open it in an editor and insert a line like the following at the top of the file:
use <dbname>;
Where:
• dbname is the name of the database created for Entrust IdentityGuard
3 Save and run the schema file on the database server. There are several ways to
run it. Here’s one example:
osql -U <igadmin> -P <igpass> -i <schema-file>
Where:
• igadmin is the database login account created for Entrust IdentityGuard
• igpass is the Entrust IdentityGuard database password
• schema-file is the full path name to the edited version of the schema
file

Installing the JDBC driver

Locate the correct JDBC driver files. These are provided with your database software
or from a 3rd-party vendor.
Entrust IdentityGuard supports the Microsoft SQL Server 2000 Driver for JDBC™
(mssqlserver.jar, msbase.jar, and msutil.jar). This is a
platform-independent, type-4 driver that uses Java to connect directly to SQL Server.
The driver does not require you to have SQL Server client software installed.
Place the JAR files in a location on the Entrust IdentityGuard Server where the person
installing Entrust IdentityGuard can find them during configuration.

Configuring an SQL Server database 19

Feedback on guide
 Gathering your configuration data
You can now install Entrust IdentityGuard. This section describes how to prepare for
this installation. Refer to the Entrust IdentityGuard Installation Guide for complete
installation instructions.
As part of the Entrust IdentityGuard installation procedure, the installer will present
questions or options about the database and JDBC files. Make a note of the
information requirements in the following table.

Table 4: Configuration data

Configuration data Description

JDBC driver JAR file name
You will be asked for the names of the JDBC files during
installation. They are: mssqlserver.jar, msbase.jar,
and msutil.jar. Enter mssqlserver.jar first. (In the
Windows installer, enter the other two JAR files as additional
files.)

JDBC driver class name You will be asked for the name of the SQL Server JDBC driver
class you are using. It is:
com.microsoft.jdbc.sqlserver.SQLServerDriver.

Database URL Each JDBC driver defines its own syntax for the URL. Consult
the driver documentation for details. For the SQL Server thin
client driver, the URL will look like this:
jdbc:microsoft:sqlserver://<dbhost>:<dbport>;
databaseName=<dbname>;selectMethod=cursor;
Where:
• dbhost is the name of the server that hosts the SQL
Server database
• dbport is the database server port number, for example:
1433
• dbname is the name of your SQL Server database

SQL Server database user Provide the name or ID of the account through which Entrust
IdentityGuard logs in and accesses your SQL Server
database. Entrust IdentityGuard uses this name together with
the database user password to log in to your database.

SQL Server database user Specify the password assigned to the SQL Server database
password user. Entrust IdentityGuard uses this password together with
the database user to log in to your database.

SQL Server database schema Specify your database schema name. It is dbo by default.
name

20 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

Feedback on guide
Chapter 3

Configuring an Oracle database

The Oracle database administrator must be involved in planning and carrying out
specific tasks in order to configure Entrust IdentityGuard 8.1 to work with an Oracle
database.
This chapter includes the following sections:
• “Setting up the Oracle database” on page 22.
• “Gathering your configuration data” on page 25.

21
 Setting up the Oracle database
Before you install Entrust IdentityGuard, you must prepare the Oracle database.
This section includes:
• “Preparing the Oracle database for installation” on page 22
• “Installing the Entrust IdentityGuard schema file for Oracle” on page 23
• “Installing the JDBC driver” on page 23
Remember to complete the procedures in this configuration guide before you install
Entrust IdentityGuard.

Preparing the Oracle database for installation

Create a separate tablespace for Entrust IdentityGuard data; that is, don’t use the
System tablespace. In addition, create another tablespace for temporary data created
by Oracle operations such as sorting.
You also need to create a database user for use by Entrust IdentityGuard with the
following privileges:
• Resource
• Create session
• Create view
• Create procedure
This user will administer and own the Entrust IdentityGuard database schema and
data, including the database tables.

Note: When preparing an Oracle database for Entrust IdentityGuard, keep in

mind the language and character set requirements of the country in which it will
run. If needed, use the NLS_LANG parameter to set the working language. It is
set as a local environment variable on UNIX platforms. In the past, Entrust
IdentityGuard products used this setting as the default:

% setenv NLS_LANG AMERICAN_AMERICA.WE8ISO8859P1

Some Entrust products are moving to the following setting, which supports the
Euro currency symbol:

% setenv NLS_LANG AMERICAN_AMERICA.WE8ISO8859P15

Consult the Oracle document Oracle Database Globalization Support Guide for
more information.

22 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

Feedback on guide
Installing the Entrust IdentityGuard schema
file for Oracle
Once you create the Entrust IdentityGuard database user and prepare the
tablespaces, you can create the Entrust IdentityGuard database tables using one of
the schema command files included in the Entrust IdentityGuard installation package.
Extract the applicable archive file for your operating system. Refer to the Entrust
IdentityGuard Installation Guide Installation Guide for details.
The schema files for Oracle are available under the IG_81/sql directory. You can
access them without having to install Entrust IdentityGuard. Run them as the newly
created Entrust IdentityGuard database user.
There are three schema files to choose from:
• If you are installing a new version of Entrust IdentityGuard, use the file
oracle_v81_schema.sql.
• If you are upgrading from Entrust IdentityGuard 8.0, use the file
oracle_v80_to_v81_upgrade.sql.
• If you are upgrading from Entrust IdentityGuard 7.2, use the file
oracle_v7x_to_v81_upgrade.sql.

Running the SQL file

There are several ways to run the above SQL files. Below is a simple example using
sqlplus.

To run the SQL file

1 Copy the applicable schema file to a working directory on the database server.
2 Enter a command like the following on the database server:
sqlplus <igadmin>/<igpass> @ <schema-file>
Where:
• igadmin is the database user account created for Entrust IdentityGuard
• igpass is the Entrust IdentityGuard database password
• schema-file is the full path name to the applicable schema file

Installing the JDBC driver

Locate the correct JDBC driver file. It is provided with your database software or from
a 3rd-party vendor.
Entrust IdentityGuard supports Oracle’s JDBC thin client driver (ojdbc14.jar) for
the Oracle 9i or 10g database. This is a platform-independent, type-4 driver that uses
Java to connect directly to Oracle. It implements Oracle's SQL *Net/Net8 and TTC

Configuring an Oracle database 23

Feedback on guide
 adapters using its own TCP/IP-based Java socket implementation. The driver does
not require you to have Oracle client software installed, but does require that you
configure the database server with a TCP/IP listener.
Place the JAR file in a location on the Entrust IdentityGuard Server where the person
installing Entrust IdentityGuard can find it during configuration.

24 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

Feedback on guide
Gathering your configuration data
You can now install Entrust IdentityGuard. This section describes how to prepare for
this installation. Refer to the Entrust IdentityGuard Installation Guide for complete
installation instructions.
As part of the Entrust IdentityGuard installation procedure, the installer will present
questions or options about the database and JDBC files. Make a note of the
information requirements in the following table.

Table 5: Configuration data

Configuration data Description

JDBC driver JAR file name You will be asked for the name of the correct JDBC file during
installation. It is: ojdbc14.jar.

JDBC driver class name You will be asked for the Oracle JDBC driver class you are
using. It is: oracle.jdbc.driver.OracleDriver.

Database URL Each JDBC driver defines its own syntax for the URL. Consult
the driver documentation for details. For the Oracle thin
client driver, the URL will look like this:
jdbc:oracle:thin:@<dbhost>:<dbport>:<SID>
Where:
• dbhost is the name of the server that hosts the Oracle
database
• dbport is the database server port number. The default
is 1521
• SID is the ID that uniquely distinguishes your Oracle
database from any other database that may be on your
system

Oracle database user Specify the name or ID of the account through which Entrust
IdentityGuard logs in and accesses your Oracle database.
Entrust IdentityGuard uses this name together with the
database user password to log in to your database.

Oracle database user password Provide the password assigned to the Oracle database user.
Entrust IdentityGuard uses this password together with the
database user to log in to your database.

Oracle database schema name Specify your database schema name. This prompt is used
with non-Oracle JDBC repositories.

Configuring an Oracle database 25

Feedback on guide
26 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0
Feedback on guide
 Index
- A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -
C L
configuration language
for DB2 16, 20 DB2 14
Customer support 10 Oracle 22
SQL 18

D
database
O
backup 6 Oracle
DB2 13 database 21
Oracle 21 JDBC 23
sizing 5 language 22
SQL 17 schema file 23
DB2 13
configuration 16, 20
database 13 P
language 14 Professional Services 11
schema files 14

S
G
schema file
Getting help DB2 14
Technical Support 10 edit for DB2 15
edit for SQL 19
Oracle 23
I run for Oracle 23
installation SQL 18
DB2 14 SQL Server
oracle 23 database 17
SQL 18

T
J Technical Support 10
JDBC typographic conventions 7
for DB2 15
for Oracle 23
for SQL 19
setting up 5

27
 - A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -

28 Entrust IdentityGuard 8.1 Database Administration Guide Document issue: 1.0

- A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -

Index 29