IBM ADDI Web Services prerequisites

Before you install and configure IBM ADDI Catalog and IBM ADDI Audit, make sure that the following steps are performed:

Check the Java requirements.
Check that any of the following database servers is installed and configured:
- Microsoft SQL Server
  Microsoft SQL Server 2016/2017/2019/2022 is installed and configured (accessible, if it is installed on a different machine). For more information, see Microsoft SQL server configurations at the end of this topic.
- Db2® for LUW (Linux®), UNIX, and Windows.
  If you use Db2 for LUW (Linux), UNIX, and Windows, IBM ADDI Dashboard will automatically create the Audit database for you if the prerequisites are met. For more information, see Prerequisite software for automatically creating the Db2 for LUW databases.
  Note: If the Audit database cannot be created automatically, you might want to check the instructions in Preparing repository using scripts for Db2 for LUW projects to troubleshoot and manually create the database.
Make sure that the two default ports (9080 and 9443) that are used by the IBM ADDI WebSphere® Liberty Profile Service are open, unused, and not blocked by your firewall. If the default ports are not available, see the troubleshooting tips at the end of this topic.
Manually create the Catalog database if you use Db2 for LUW (Linux, UNIX, and Windows). To create the Catalog database you can use the Db2 database client or you can start the Db2 command window and execute the following clause:
```
db2 create database CATDB using codeset UTF-8 territory en PAGESIZE 16384
```
Note: When the Catalog database has been created make sure to configure the Catalog Service to run on Db2 for LUW with TLS. For more information see, Configuring the Catalog Service to run on Db2 for LUW.
An SQL database needs to be manually created by your database administrator for IBM ADDI Catalog.
Note:
- The name of this database must match the name of the database that will be added in the server.xml configuration file, during the configuration process of IBM ADDI Catalog. For more information, see Configuring the Catalog Service.
- The database user that is used in the server.xml configuration file and connects to the Catalog database needs to have the db_owner database role membership.
How to set up manually the Catalog database
1. Start SQL Server Management Studio.
2. Log in by using the username and password for the IBM® AD SQL Identity, as defined in Microsoft SQL server configurations.
3. Right-click Databases and choose New Database.
4. Enter the Catalog database name, for example: catalog_db and press OK.
5. As a result the catalog_db database is created.
  Important: The Catalog database will be automatically populated when Data Collector starts for the first time.

For Data collector the version of the target z/OS® Connect server must be 3.0.2 or higher.

Troubleshooting tips: Changing the default ports for IBM ADDI WebSphere Liberty Profile Service

IBM ADDI WebSphere Liberty Profile Service uses 9080 and 9443 as the default ports. If the default ports are not available, then determine the ports that are available and that you would like to assign to IBM ADDI WebSphere Liberty Profile Service. When the ports are determined, complete the following steps to update the default ports for IBM ADDI WebSphere Liberty Profile Service.

Install IBM ADDI as described in Installing components with the IBM ADDI Installer. By default, for clean installations, the installer will open the IBM ADDI Configuration Wizard in the system's default browser. But since the default ports for IBM ADDI WebSphere Liberty Profile Service are not available, it wouldn't start correctly and the IBM ADDI Configuration Wizard would report an error similar to This page cannot be displayed or Unable to connect or This site can’t be reached depending on system's default browser.

To confirm if it's a port conflict issue, open the console.log file under the <IBM ADDI Installation Folder>/IBM AD Web Services/wlp/usr/servers/ad_server/log/ directory, and check if you notice error messages that are similar to the following example:

[ERROR   ] CWWKO0221E: TCP Channel defaultHttpEndpoint initialization did not succeed.  The socket bind did not succeed for host * and port 9080.  The port might already be in use.  Exception Message: Address already in use: bind
[ERROR   ] CWWKO0221E: TCP Channel defaultHttpEndpoint-ssl initialization did not succeed.  The socket bind did not succeed for host * and port 9443.  The port might already be in use.  Exception Message: Address already in use: bind

When the port conflict issue is confirmed, stop the IBM ADDI WebSphere Liberty Profile Service. The service can be stopped from Windows Services (services.msc) by locating IBM ADDI WebSphere Liberty Profile Service and clicking Stop.
Open the server.xml file and update the httpPort and httpsPort properties in the following section.
```
<httpEndpoint httpPort="9080" httpsPort="9443" id="defaultHttpEndpoint" host="*" />
```
Example:
```
<httpEndpoint httpPort="<new http port>" httpsPort="<new https port>" id="defaultHttpEndpoint" host="*" />
```
The <new http port> and <new https port> in the example represents the new port numbers that you want to use.
Save the server.xml file with your changes.
Restart the IBM Application Discovery WebSphere Liberty Profile Service. The service can be started from Windows Services (services.msc) by locating IBM ADDI WebSphere Liberty Profile Service and clicking Start.
Wait for the IBM ADDI WebSphere Liberty Profile Service and Audit application to start successfully.
Open the browser and visit the IBM ADDI Configuration Wizard at https://<host or ip address>:<new https port>/ad/admin/setup. For example, if you want to use localhost as the host address and 9444 as the httpsPort, then you can access the IBM ADDI Configuration Wizard at https://localhost:9444/ad/admin/setup.